Complicating process identification by replacing process information for attack avoidance

Masaya Sato; Toshihiro Yamauchi

doi:10.1007/978-3-319-09843-2_3

Complicating process identification by replacing process information for attack avoidance

Research output: Contribution to journal › Conference article › peer-review

Abstract

Security-critical software is open to attacks by adversaries that disable its functionality. To decrease the risk, we propose an attack avoidance method for complicating process identification. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems and application programs are unnecessary.

Original language	English
Pages (from-to)	33-47
Number of pages	15
Journal	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	8639 LNCS
DOIs	https://doi.org/10.1007/978-3-319-09843-2_3
Publication status	Published - 2014
Event	9th International Workshop on Security, IWSEC 2014 - Hirosaki, Japan Duration: Aug 27 2014 → Aug 29 2014

Keywords

Attack avoidance
process information
virtual machine

ASJC Scopus subject areas

Theoretical Computer Science
Computer Science(all)

Access to Document

10.1007/978-3-319-09843-2_3

Cite this

Complicating process identification by replacing process information for attack avoidance. / Sato, Masaya; Yamauchi, Toshihiro.

In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), Vol. 8639 LNCS, 2014, p. 33-47.

Research output: Contribution to journal › Conference article › peer-review

@article{b5a0a00036b74aa28206186268585def,

title = "Complicating process identification by replacing process information for attack avoidance",

abstract = "Security-critical software is open to attacks by adversaries that disable its functionality. To decrease the risk, we propose an attack avoidance method for complicating process identification. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems and application programs are unnecessary.",

keywords = "Attack avoidance, process information, virtual machine",

author = "Masaya Sato and Toshihiro Yamauchi",

year = "2014",

doi = "10.1007/978-3-319-09843-2_3",

language = "English",

volume = "8639 LNCS",

pages = "33--47",

journal = "Lecture Notes in Computer Science",

issn = "0302-9743",

publisher = "Springer Verlag",

note = "9th International Workshop on Security, IWSEC 2014 ; Conference date: 27-08-2014 Through 29-08-2014",

}

TY - JOUR

T1 - Complicating process identification by replacing process information for attack avoidance

AU - Sato, Masaya

AU - Yamauchi, Toshihiro

PY - 2014

Y1 - 2014

N2 - Security-critical software is open to attacks by adversaries that disable its functionality. To decrease the risk, we propose an attack avoidance method for complicating process identification. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems and application programs are unnecessary.

AB - Security-critical software is open to attacks by adversaries that disable its functionality. To decrease the risk, we propose an attack avoidance method for complicating process identification. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems and application programs are unnecessary.

KW - Attack avoidance

KW - process information

KW - virtual machine

UR - http://www.scopus.com/inward/record.url?scp=84907337831&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84907337831&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-09843-2_3

DO - 10.1007/978-3-319-09843-2_3

M3 - Conference article

AN - SCOPUS:84907337831

SN - 0302-9743

VL - 8639 LNCS

SP - 33

EP - 47

JO - Lecture Notes in Computer Science

JF - Lecture Notes in Computer Science

T2 - 9th International Workshop on Security, IWSEC 2014

Y2 - 27 August 2014 through 29 August 2014

ER -

Complicating process identification by replacing process information for attack avoidance

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this