Modern malware and spyware platforms attack existing antivirus solutions and even Microsoft PatchGuard. To protect users and business systems, new technologies developed by Intel and AMD for their CPUs may be applied. To deal with the new malware, we propose monitoring and controlling access to memory in real time using Intel VT-x with EPT. We have checked this concept by developing MemoryMonRWX, a bare-metal hypervisor. MemoryMonRWX is able to track and trap all types of memory access: read, write, and execute. MemoryMonRWX also has the following competitive advantages: fine-grained analysis and support for multi-core CPUs and 64-bit Windows 10. MemoryMonRWX is able to protect critical kernel memory areas even when PatchGuard has been disable...
The integrity of operating system (OS) kernels is of paramount importance in order to ensure the sec...
The security of a computer system depends on OS kernel protection. It is crucial to reveal and inspe...
During the past decade, virtualization-based (e.g., virtual machine introspection) and hardware-assi...
Volatile memory dump and its analysis is an essential part of digital forensics. Among a number of v...
One of the main issues in the OS security is providing trusted code execution in an untrusted enviro...
Hardware virtualization technologies play a significant role in cyber security. On the one hand thes...
Increasingly, cyber attacks (e.g., kernel rootkits) target the inner rings of a computer system, and...
Windows OS is facing a huge rise in kernel attacks. An overview of popular techniques that result in...
Abstract—Targeting the operating system kernel, the core of trust in a system, kernel rootkits are a...
The emergence of hardware virtualization technology has led to the development of OS independent mal...
Kernel rootkits are a special category of malware that are deployed directly in the kernel and hence...
runtime memory, performance evaluation An important goal of software security is to ensure sensitive...
ENGLISH: A monolithic operating system (OS), such as Windows or Linux, distinguishes between executi...
Windows OS kernel memory is one of the main targets of cyber-attacks. By launching such attacks, hac...