Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor

13 years 6 months ago

Download www.jesusmolina.com

Copilot is a coprocessor-based kernel integrity monitor for commodity systems. Copilot is designed to detect malicious modifications to a host's kernel and has correctly detected the presence of 12 real-world rootkits, each within 30 seconds of their installation with less than a 1% penalty to the host's performance. Copilot requires no modifications to the protected host's software and can be expected to operate correctly even when the host kernel is thoroughly compromised

Nick L. Petroni Jr., Timothy Fraser, Jesus Molina,

Real-time Traffic

Copilot | Host's Kernel | Kernel Integrity Monitor | Operating System | USS 2004 |

claim paper

» Protecting Commodity Operating System Kernels from Vulnerable Device Drivers

» Authenticated System Calls

» Enforcing Trace Properties by Program Transformation

Post Info
More Details (n/a)

Added	31 Oct 2010
Updated	31 Oct 2010
Type	Conference
Year	2004
Where	USS
Authors	Nick L. Petroni Jr., Timothy Fraser, Jesus Molina, William A. Arbaugh

Comments (0)

Sciweavers

Copilot - a Coprocessor-based Kernel Runtime Integrity Monitor

Copilot | Host's Kernel | Kernel Integrity Monitor | Operating System | USS 2004 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers