Complicating process identification by replacing process information for attack avoidance

Research output: Contribution to journalArticle

Abstract

Security-critical software is open to attacks by adversaries that disable its functionality. To decrease the risk, we propose an attack avoidance method for complicating process identification. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems and application programs are unnecessary.

Original languageEnglish
Pages (from-to)33-47
Number of pages15
JournalLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8639 LNCS
DOIs
Publication statusPublished - 2014

    Fingerprint

Keywords

  • Attack avoidance
  • process information
  • virtual machine

ASJC Scopus subject areas

  • Computer Science(all)
  • Theoretical Computer Science

Cite this