Evaluating computer intrusion detection systems: A survey of common practices

A Milenkoski, M Vieira, S Kounev, A Avritzer… - ACM Computing …, 2015 - dl.acm.org
The evaluation of computer intrusion detection systems (which we refer to as intrusion
detection systems) is an active research area. In this article, we survey and systematize …

A survey of stealth malware attacks, mitigation measures, and steps toward autonomous open world solutions

EM Rudd, A Rozsa, M Günther… - … Surveys & Tutorials, 2016 - ieeexplore.ieee.org
As our professional, social, and financial existences become increasingly digitized and as
our government, healthcare, and military infrastructures rely more on computer technologies …

Detecting environment-sensitive malware

M Lindorfer, C Kolbitsch… - Recent Advances in …, 2011 - Springer
The execution of malware in an instrumented sandbox is a widespread approach for the
analysis of malicious code, largely because it sidesteps the difficulties involved in the static …

Cloudvisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization

F Zhang, J Chen, H Chen, B Zang - Proceedings of the twenty-third acm …, 2011 - dl.acm.org
Multi-tenant cloud, which usually leases resources in the form of virtual machines, has been
commercially available for years. Unfortunately, with the adoption of commodity virtualized …

Secure virtualization for cloud computing

F Lombardi, R Di Pietro - Journal of network and computer applications, 2011 - Elsevier
Cloud computing adoption and diffusion are threatened by unresolved security issues that
affect both the cloud provider and the cloud user. In this paper, we show how virtualization …

Hypersafe: A lightweight approach to provide lifetime hypervisor control-flow integrity

Z Wang, X Jiang - 2010 IEEE symposium on security and …, 2010 - ieeexplore.ieee.org
Virtualization is being widely adopted in today's computing systems. Its unique security
advantages in isolating and introspecting commodity OSes as virtual machines (VMs) have …

Stealthy malware detection and monitoring through VMM-based “out-of-the-box” semantic view reconstruction

X Jiang, X Wang, D Xu - ACM Transactions on Information and System …, 2010 - dl.acm.org
An alarming trend in recent malware incidents is that they are armed with stealthy
techniques to detect, evade, and subvert malware detection facilities of the victim. On the …

The turtles project: Design and implementation of nested virtualization

M Ben-Yehuda, MD Day, Z Dubitzky, M Factor… - … USENIX Symposium on …, 2010 - usenix.org
In classical machine virtualization, a hypervisor runs multiple operating systems
simultaneously, each on its own virtual machine. In nested virtualization, a hypervisor can …

When firmware modifications attack: A case study of embedded exploitation

A Cui, M Costello, S Stolfo - 2013 - academiccommons.columbia.edu
The ability to update firmware is a feature that is found in nearly all modern embedded
systems. We demonstrate how this feature can be exploited to allow attackers to inject …

Enhanced operating system security through efficient and fine-grained address space randomization

C Giuffrida, A Kuijsten, AS Tanenbaum - 21st USENIX Security …, 2012 - usenix.org
In recent years, the deployment of many application-level countermeasures against memory
errors and the increasing number of vulnerabilities discovered in the kernel has fostered a …