Title | HODetector: The Hidden Objects Detection Based on Static Semantic Information Library Outside Virtual Machine |
---|---|
Parallel title | HODetector: The Hidden Objects Detection Based on Static Semantic Information Library Outside Virtual Machine |
Authors | 蔡明芳, ChaoYuan Cui, BingYu Sun, WenBo Li |
English abstract | With the spread of malware, the security of the virtual machine (VM) has faced severe challenges in recent years. Rootkits and their variants can hide themselves and other kernel objects such as processes, files, and modules, making malicious activity hard to detect. Existing solutions are either coarse-grained, monitoring at the virtual machine level, or non-universal, supporting only a specific operating system with specific modifications. In this paper, we propose a fine-grained approach called HODetector, based on a static semantic information library (SSIL), to detect hidden objects from outside the VM. We have deployed a HODetector prototype on the Xen virtualization platform and used it to detect the processes, files, and modules hidden by rootkits. The experimental results show that HODetector is effective for different rootkits and general for the Linux operating system with various kernels. |
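Pages | 1393-1400 |
Keywords | Virtualization, Fine-Grained detection, Semantic gap, Rootkit, Hidden objects detection |
Journal | Journal of Internet Technology (網際網路技術學刊) |
Issue | 201809 (19:5) |
Publisher | Taiwan Academic Network Management Committee (台灣學術網路管理委員會) |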