Kumara et al., 2015 - Google Patents
Execution time measurement of virtual machine volatile artifacts analyzers
Kumara et al., 2015
- Document ID
- 2473933159763072816
- Author
- Kumara M
- Jaidhar C
- Publication year
- Publication venue
- 2015 IEEE 21st International Conference on Parallel and Distributed Systems (ICPADS)
Snippet
Due to a rapid revaluation in a virtualization environment, Virtual Machines (VMs) are target point for an attacker to gain privileged access of the virtual infrastructure. The Advanced Persistent Threats (APTs) such as malware, rootkit, spyware, etc. are more potent to bypass …
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/563—Static detection by source code analysis
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45587—Isolation or security of virtual machine instances
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/566—Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/552—Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/30—Monitoring
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2201/00—Indexing scheme relating to error detection, to error correction, and to monitoring
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11562071B2 (en) | | Detecting malware via scanning for dynamically generated function pointers in memory |
Cheng et al. | | A lightweight live memory forensic approach based on hardware virtualization |
Lengyel et al. | | Scalability, fidelity and stealth in the DRAKVUF dynamic malware analysis system |
Jiang et al. | | Stealthy malware detection and monitoring through VMM-based “out-of-the-box” semantic view reconstruction |
Zhang et al. | | Spectre: A dependable introspection framework via system management mode |
More et al. | | Virtual machine introspection: towards bridging the semantic gap |
Korkin et al. | | Applying memory forensics to rootkit detection |
Xie et al. | | Rootkit detection on virtual machines through deep information extraction at hypervisor-level |
Kumara et al. | | Hypervisor and virtual machine dependent Intrusion Detection and Prevention System for virtualized cloud environment |
Win et al. | | Detection of malware and kernel-level rootkits in cloud computing environments |
Weng et al. | | CloudMon: monitoring virtual machines in clouds |
Kumara et al. | | Execution time measurement of virtual machine volatile artifacts analyzers |
Nadim et al. | | Characteristic features of the kernel-level rootkit for learning-based detection model training |
Memarian et al. | | EyeCloud: A BotCloud detection system |
Zhang et al. | | Secure virtualization environment based on advanced memory introspection |
Poore et al. | | Evolution of digital forensics in virtualization by using virtual machine introspection |
Win et al. | | Virtual machine introspection |
Grill et al. | | A practical approach for generic bootkit detection and prevention |
Jia et al. | | Findevasion: an effective environment-sensitive malware detection system for the cloud |
Upadhyay et al. | | Windows virtualization architecture for cyber threats detection |
Mishra et al. | | A taxonomy of hypervisor forensic tools |
Kumara et al. | | Virtual machine introspection based spurious process detection in virtualized cloud computing environment |
Wang et al. | | NOR: towards non-intrusive, real-time and OS-agnostic introspection for virtual machines in cloud environment |
Tang et al. | | Virtav: An agentless antivirus system based on in-memory signature scanning for virtual machine |
Zhan et al. | | Protecting critical files using target-based virtual machine introspection approach |