An attacker who has gained access to a computer may want to run arbitrary programs of his choice, upload or modify configuration files, etc. We can severely restrict the power of the attacker by maintaining a white-list of approved file checksums together with a mechanism that prevents the kernel from loading any file with a bad checksum. The check may be placed in the kernel, but that requires a kernel that is prepared for it. The check may also be placed in a hypervisor, which intercepts the kernel and prevents it from loading a bad file. Moving the integrity check out of the VM kernel makes it harder for the intruder to bypass the check. We describe the implementation of two systems and give performance results. In the first implementation...
The increasing complexity of software and hardware layers makes them likely to...
The file system becomes the usual target of malicious attacks because it contains lots of se...
Increasingly, cyber attacks (e.g., kernel rootkits) target the inner rings of a computer system, and...
An attacker who has gained access to a computer may want to upload or modify configuration files, et...
A monolithic operating system (OS) - such as Windows or Linux - distinguishes between executi...
We describe an efficient system for ensuring code integrity of an operating system (OS), both its ow...
Hypervisors are a popular mechanism for implementing software virtualization. Since hypervisors exec...
The business world is exhibiting a growing dependency on computer systems, their operations and th...
An important goal of software security is to ensure sensitive...
The advent of cloud computing and inexpensive multi-core desktop architectures has led to t...
SecVisor is a hypervisor designed to guarantee that only code approved by the user of a system execu...
Over the past few years, virtualization has been employed to environments ranging from densely popu...
Operating system kernels isolate applications from other malicious software via protected memory cr...
Malware detection is typically performed using either software scanners running inside the operating...