The HitchHiker's Guide to High-Assurance System Observability Protection with Efficient Permission Switches

Chuqi Zhang,Jun Zeng,Yiming Zhang,Adil Ahmad,Fengwei Zhang,Hai Jin,Zhenkai Liang
DOI: https://doi.org/10.1145/3658644.3690188
2024-09-06
Abstract: Protecting system observability records (logs) from compromised OSs has gained significant traction in recent times, with several noteworthy approaches proposed. Unfortunately, none of the proposed approaches achieve high performance with tiny log protection delays. They also leverage risky environments for protection (e.g., many use general-purpose hypervisors or TrustZone, which have large TCB and attack surfaces). HitchHiker is an attempt to rectify this problem. The system is designed to ensure (a) in-memory protection of batched logs within a short and configurable real-time deadline by efficient hardware permission switching, and (b) an end-to-end high-assurance environment built upon hardware protection primitives with debloating strategies for secure log protection, persistence, and management. Security evaluations and validations show that HitchHiker reduces log protection delay by 93.3--99.3% compared to the state-of-the-art, while reducing TCB by 9.4--26.9X. Performance evaluations show HitchHiker incurs a geometric mean of less than 6% overhead on diverse real-world programs, improving on the state-of-the-art approach by 61.9--77.5%.
Cryptography and Security, Operating Systems
What problem does this paper attempt to address?
The paper addresses several key limitations of existing approaches to protecting system observability logs:

1. **High-risk protection environment**: Existing log protection methods usually rely on general-purpose privileged components (such as hypervisors or TrustZone), which have a large trusted computing base (TCB) and attack surface; their redundant interfaces bring significant security risks.
2. **Significant synchronization slowdown under I/O-intensive workloads**: Systems that protect logs in memory by copying each log to isolated privileged memory as soon as it is generated, for management and persistence, suffer a significant performance degradation, with a slowdown of up to 52.6%.
3. **Long exposure window for log-tampering attacks**: Other solutions batch logs and periodically protect them in an external local tamper-resistant device or in remote storage, but because of the inherent I/O latency the logs stay exposed in host memory for a long time, increasing the risk of tampering.

To address these problems, the HitchHiker system pursues the following goals:

- **Efficient in-memory log protection**: Complete log protection within a short time through an efficient hardware permission-switching mechanism, avoiding the performance overhead of frequent log-copying operations.
- **An end-to-end high-assurance environment**: Use hardware protection primitives and debloating strategies to secure log protection, persistence, and management while substantially reducing the TCB.
- **A short, configurable real-time protection deadline**: Use precise hardware timers together with memory permission switching to ensure that logs are protected within a short time, minimizing the window in which they are exposed.

HitchHiker achieves this by redesigning the trusted memory environment, avoiding large software components, and delegating log-management tasks to protected daemons in the untrusted operating system. Experimental results show that HitchHiker significantly reduces log-protection latency and performance overhead compared to existing methods.

### Key Formulas

- Percentage reduction in log-protection latency:
\[ \text{Reduction percentage} = \left(1-\frac{\text{HitchHiker latency}}{\text{Existing-method latency}}\right)\times100\% \]
- TCB reduction factor:
\[ \text{TCB reduction factor}=\frac{\text{Existing-method TCB}}{\text{HitchHiker TCB}} \]

These formulas express HitchHiker's improvements in log-protection latency and TCB size.
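The "batch log records in memory, then switch the buffer's permission at the deadline" mechanism described above, modeled in user space as an added example that is not HitchHiker's own code: HitchHiker performs the switch with hardware permission primitives from a privileged domain, whereas here mprotect(2) merely makes the batch page read-only to the same process; the hh_* function names and the sample records in the test are constructed.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE              /* expose sigaction, sigsetjmp, MAP_ANONYMOUS */
#endif
#include <setjmp.h>
#include <signal.h>
#include <string.h>
#include <sys/mman.h>
/* Added illustration, not HitchHiker's code: a user-space model of "batch log
 * records, then switch the buffer's memory permission at the deadline", using
 * mprotect(2). HitchHiker performs the switch with hardware primitives from a
 * privileged domain; here the page merely becomes read-only for this process. */
#define LOG_CAP 4096                 /* one page: the unit that gets sealed */
static char *log_page;               /* batched records of the open batch */
static size_t log_used;
static int log_sealed;
static sigjmp_buf fault_env;
static void on_fault(int sig) { (void)sig; siglongjmp(fault_env, 1); }
/* Map a writable page for a new batch; returns 0 on success. */
int hh_open_batch(void) {
    log_page = mmap(NULL, LOG_CAP, PROT_READ | PROT_WRITE,
                    MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (log_page == MAP_FAILED) { log_page = NULL; return -1; }
    log_used = 0; log_sealed = 0; return 0;
}
/* Append one NUL-terminated record to the open batch; -1 if sealed or full. */
int hh_append(const char *rec) {
    size_t n = strlen(rec) + 1;
    if (!log_page || log_sealed || log_used + n > LOG_CAP) return -1;
    memcpy(log_page + log_used, rec, n);
    log_used += n;
    return 0;
}
/* Deadline handler: the permission switch. The batch page becomes read-only. */
int hh_seal_batch(void) {
    if (!log_page || mprotect(log_page, LOG_CAP, PROT_READ) != 0) return -1;
    log_sealed = 1; return 0;
}
/* Bypass hh_append and store into the buffer directly, as a compromised OS
 * would; returns 1 if the CPU faulted the write, 0 if it went through. */
int hh_probe_tamper(void) {
    struct sigaction sa, old_segv, old_bus;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_fault;
    sigaction(SIGSEGV, &sa, &old_segv); sigaction(SIGBUS, &sa, &old_bus);
    volatile int blocked = 0;
    if (sigsetjmp(fault_env, 1) == 0) log_page[0] = 'X';
    else blocked = 1;
    sigaction(SIGSEGV, &old_segv, NULL); sigaction(SIGBUS, &old_bus, NULL);
    return blocked;
}
```

Before hh_seal_batch runs, the probe's direct store succeeds, which is the exposure window the paper's deadline is meant to bound; after the switch the same store faults and hh_append refuses further records until a new batch is opened.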