IEEE SP 2008

Lares: An Architecture for Secure Active Monitoring Using Virtualization

Host-based security tools such as anti-virus and intrusion detection systems are not adequately protected on today’s computers. Malware is often designed to immediately disable any security tools upon installation, rendering them useless. While current research has focused on moving these vulnerable security tools into an isolated virtual machine, this approach cripples security tools by preventing them from doing active monitoring. This paper describes an architecture that takes a hybrid approach, giving security tools the ability to do active monitoring while still benefiting from the increased security of an isolated virtual machine. We discuss the architecture and a prototype implementation that can process hooks from a virtual machine running Windows XP on Xen. We conclude with a security analysis and show the performance of a single hook to be 28 µsecs in the best case.
Added: 01 Jun 2010
Updated: 01 Jun 2010
Type: Conference
Year: 2008
Where: SP
Authors: Bryan D. Payne, Martim Carbone, Monirul I. Sharif, Wenke Lee