Live analysis: Progress and challenges

B Hay, M Bishop, K Nance - IEEE Security & Privacy, 2009 - ieeexplore.ieee.org
As computer technologies become increasingly ubiquitous, so must supporting digital
forensics tools and techniques for efficiently and effectively analyzing associated systems' …

Locking the sky: a survey on IaaS cloud security

LM Vaquero, L Rodero-Merino, D Morán - Computing, 2011 - Springer
Cloud computing is expected to become a common solution for deploying applications
thanks to its capacity to leverage developers from infrastructure management tasks, thus …

Space traveling across vm: Automatically bridging the semantic gap in virtual machine introspection via online kernel data redirection

Y Fu, Z Lin - 2012 IEEE symposium on security and privacy, 2012 - ieeexplore.ieee.org
It is generally believed to be a tedious, time consuming, and error-prone process to develop
a virtual machine introspection (VMI) tool manually because of the semantic gap. Recent …

VMM-based intrusion detection system

M Moffie, D Kaeli, A Cohen, J Aslam… - US Patent …, 2014 - Google Patents
An intrusion detection system collects architectural level events from a Virtual Machine
Monitor where the collected events represent operation of a corresponding Virtual Machine …

System and method for intelligent coordination of host and guest intrusion prevention in virtualized environment

WG McGee - US Patent 8,443,440, 2013 - Google Patents
Virtualization software deployments are allowing organizations to achieve significant
savings in their data centers. These savings are being gained in reduced energy and hard …

Kernel-level rootkit detection, prevention and behavior profiling: a taxonomy and survey

M Nadim, W Lee, D Akopian - arXiv preprint arXiv:2304.00473, 2023 - arxiv.org
One of the most elusive types of malware in recent times that pose significant challenges in
the computer security system is the kernel-level rootkits. The kernel-level rootkits can hide its …

Hybrid-bridge: Efficiently bridging the semantic gap in virtual machine introspection via decoupled execution and training memoization

A Saberi, Y Fu, Z Lin - Proceedings of the 21st annual network and …, 2014 - Citeseer
Recent advances show that it is possible to reuse the legacy binary code to bridge the
semantic gap in virtual machine introspection (VMI). However, existing such VMI solutions …

Bridging the semantic gap in virtual machine introspection via online kernel data redirection

Y Fu, Z Lin - ACM Transactions on Information and System Security …, 2013 - dl.acm.org
It is generally believed to be a tedious, time-consuming, and error-prone process to develop
a virtual machine introspection (VMI) tool because of the semantic gap. Recent advance …

Enforcing system-wide control flow integrity for exploit detection and diagnosis

A Prakash, H Yin, Z Liang - Proceedings of the 8th ACM SIGSAC …, 2013 - dl.acm.org
Modern malware like Stuxnet is complex and exploits multiple vulnerabilities in not only the
user level processes but also the OS kernel to compromise a system. A main trait of such …

Xtrec: Secure real-time execution trace recording on commodity platforms

A Vasudevan, N Qu, A Perrig - 2011 44th Hawaii International …, 2011 - ieeexplore.ieee.org
We propose XTRec, a primitive that can record the instruction-level execution trace of a
commodity computing system. Our primitive is resilient to compromise to provide integrity of …