Sciweavers

USS
2008

Hypervisor Support for Identifying Covertly Executing Binaries

14 years 2 months ago
Hypervisor Support for Identifying Covertly Executing Binaries
Hypervisors have been proposed as a security tool to defend against malware that subverts the OS kernel. However, hypervisors must deal with the semantic gap between the low-level information available to them and -level OS abstractions they need for analysis. To bridge this gap, systems have proposed making assumptions derived from the kernel source code or symbol information. Unfortunately, this information is nonbinding
Lionel Litty, H. Andrés Lagar-Cavilla, Davi
Added 02 Oct 2010
Updated 02 Oct 2010
Type Conference
Year 2008
Where USS
Authors Lionel Litty, H. Andrés Lagar-Cavilla, David Lie
Comments (0)