Sciweavers


Protecting host-based intrusion detectors through virtual machines

Intrusion detection systems continuously watch the activity of a network or computer, looking for evidence of attack or intrusion. However, host-based intrusion detectors are particularly vulnerable, as they can be disabled or tampered with by successful intruders. This work proposes and implements an architecture model aimed at protecting host-based intrusion detectors, through the application of the virtual machine concept. Virtual machine environments are becoming an interesting alternative for several computing systems, because of their advantages in terms of cost and portability. The architecture proposal presented here makes use of the execution space separation provided by a virtual machine monitor, in order to separate the intrusion detection system from the system under monitoring. As a consequence, the intrusion detector becomes invisible and inaccessible to intruders. The architecture implementation and the tests performed show the viability of this solution.
Marcos Laureano, Carlos Maziero, Edgard Jamhour
Added 12 Dec 2010
Updated 12 Dec 2010
Type Journal
Year 2007
Where CN
Authors Marcos Laureano, Carlos Maziero, Edgard Jamhour