Sciweavers

CCS
2007
ACM

Stealthy malware detection through vmm-based "out-of-the-box" semantic view reconstruction

An alarming trend in malware attacks is that they are armed with stealthy techniques to detect, evade, and subvert malware detection facilities of the victim. On the defensive side, a fundamental limitation of traditional host-based anti-malware systems is that they run inside the very hosts they are protecting (“in the box”), making them vulnerable to counter-detection and subversion by malware. To address this limitation, recent solutions based on virtual machine (VM) technologies advocate placing the malware detection facilities outside of the protected VM (“out of the box”). However, they gain tamper resistance at the cost of losing the native, semantic view of the host which is enjoyed by the “in the box” approach, thus leading to a technical challenge known as the semantic gap. In this paper, we present the design, implementation, and evaluation of VMwatcher – an “out-of-the-box” approach that overcomes the semantic gap challenge. A new technique called guest v...
Xuxian Jiang, Xinyuan Wang, Dongyan Xu
Added: 07 Jun 2010
Updated: 07 Jun 2010
Type: Conference
Year: 2007
Where: CCS
Authors: Xuxian Jiang, Xinyuan Wang, Dongyan Xu