Hypervisor Support for Identifying Covertly Executing Binaries

14 years 1 months ago

Download www.usenix.org

Hypervisors have been proposed as a security tool to defend against malware that subverts the OS kernel. However, hypervisors must deal with the semantic gap between the low-level information available to them and -level OS abstractions they need for analysis. To bridge this gap, systems have proposed making assumptions derived from the kernel source code or symbol information. Unfortunately, this information is nonbinding

Lionel Litty, H. Andrés Lagar-Cavilla, Davi

Real-time Traffic

-level Os Abstractions | Kernel Source Code | Operating System | USS 2008 | Xen 3.0.3 Hypervisor |

claim paper

Post Info
More Details (n/a)

Added	02 Oct 2010
Updated	02 Oct 2010
Type	Conference
Year	2008
Where	USS
Authors	Lionel Litty, H. Andrés Lagar-Cavilla, David Lie

Comments (0)

Sciweavers

Hypervisor Support for Identifying Covertly Executing Binaries

-level Os Abstractions | Kernel Source Code | Operating System | USS 2008 | Xen 3.0.3 Hypervisor |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers