Recent advances in bridging the semantic gap between virtual ma-chines (VMs) and their guest processes have a dark side: They can be abused to subvert and compromise VM file system images and process images. To demonstrate this alarming capability, a context-aware, reactive VM Introspection (VMI) instrument is presented and leveraged to automatically break the authentication mechanisms of both Linux and Windows operating systems. By bridging the semantic gap, the attack is able to automatically identify critical decision points where authentication succeeds or fails at the binary level. It can then leverage the VMI to transparently corrupt the control-flow or data-flow of the victim OS at that point, result-ing in successful authentication ...
Over the past few years, virtualization has been em-ployed to environments ranging from densely popu...
Kernel-level attacks or rootkits can compromise the security of an operating system by executing wit...
Virtual machine introspection (VMI) is a mechanism for monitoring the states of guest virtual machin...
Most existing virtual machine introspection (VMI) technologies analyze the status of a target virtua...
Over the last few years there has been immense progress in developing powerful security tools based ...
Due to exposure to the Internet, virtual machines (VMs) as forms of delivering virtualized infrastru...
Modern computer systems are built on a foundation of software components from a variety of vendors. ...
Virtual machine introspection (VMI) has formed the basis of a number of novel approaches to security...
Virtualization technology has enabled powerful security monitoring techniques, such as virtual machi...
eingereicht und durch die Fakultät für Informatik am 26.08.2013 angenommen. System virtualization ...
System administrators use application-level knowledge to identify anomalies in virtual appliances (V...
Psyco-Virt is a high assurance intrusion detection tool that merges host and network intrusion detec...
Operating system kernels are difficult to understand and monitor. Hardware virtualization provides a...
All systems that utilize virtual machine introspection (VMI) need to overcome the disconnect between...
The growing complexity of modern malware drives security applications to leverage virtual machine in...
Over the past few years, virtualization has been em-ployed to environments ranging from densely popu...
Kernel-level attacks or rootkits can compromise the security of an operating system by executing wit...
Virtual machine introspection (VMI) is a mechanism for monitoring the states of guest virtual machin...
Most existing virtual machine introspection (VMI) technologies analyze the status of a target virtua...
Over the last few years there has been immense progress in developing powerful security tools based ...
Due to exposure to the Internet, virtual machines (VMs) as forms of delivering virtualized infrastru...
Modern computer systems are built on a foundation of software components from a variety of vendors. ...
Virtual machine introspection (VMI) has formed the basis of a number of novel approaches to security...
Virtualization technology has enabled powerful security monitoring techniques, such as virtual machi...
eingereicht und durch die Fakultät für Informatik am 26.08.2013 angenommen. System virtualization ...
System administrators use application-level knowledge to identify anomalies in virtual appliances (V...
Psyco-Virt is a high assurance intrusion detection tool that merges host and network intrusion detec...
Operating system kernels are difficult to understand and monitor. Hardware virtualization provides a...
All systems that utilize virtual machine introspection (VMI) need to overcome the disconnect between...
The growing complexity of modern malware drives security applications to leverage virtual machine in...
Over the past few years, virtualization has been em-ployed to environments ranging from densely popu...
Kernel-level attacks or rootkits can compromise the security of an operating system by executing wit...
Virtual machine introspection (VMI) is a mechanism for monitoring the states of guest virtual machin...