Memory access monitoring and disguising of process information to Avoid Attacks to essential services

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

To prevent attacks on essential software and to mitigate damage, an attack avoiding method that complicates process identification from attackers is proposed. This method complicates the identification of essential services by replacing process information with dummy information. However, this method allows attackers to identify essential processes by detecting changes in process information. To address this problems and provide more complexity to process identification, this paper proposes a memory access monitoring by using a virtual machine monitor. By manipulating the page access permission, a virtual machine monitor detects page access, which includes process information, and replaces it with dummy information. This paper presents the design, implementation, and evaluation of the proposed method.

Original languageEnglish
Title of host publicationProceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages635-641
Number of pages7
ISBN (Electronic)9781509026555
DOIs
Publication statusPublished - Jan 13 2017
Event4th International Symposium on Computing and Networking, CANDAR 2016 - Hiroshima, Japan
Duration: Nov 22 2016Nov 25 2016

Other

Other4th International Symposium on Computing and Networking, CANDAR 2016
CountryJapan
CityHiroshima
Period11/22/1611/25/16

Fingerprint

Computer monitors
Data storage equipment
Monitoring
Virtual machine

Keywords

  • Attack avoidance
  • Process information
  • Virtualization

ASJC Scopus subject areas

  • Computer Science Applications
  • Hardware and Architecture
  • Signal Processing
  • Computer Networks and Communications

Cite this

Sato, M., Yamauchi, T., & Taniguchi, H. (2017). Memory access monitoring and disguising of process information to Avoid Attacks to essential services. In Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016 (pp. 635-641). [7818684] Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/CANDAR.2016.89

Memory access monitoring and disguising of process information to Avoid Attacks to essential services. / Sato, Masaya; Yamauchi, Toshihiro; Taniguchi, Hideo.

Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016. Institute of Electrical and Electronics Engineers Inc., 2017. p. 635-641 7818684.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Sato, M, Yamauchi, T & Taniguchi, H 2017, Memory access monitoring and disguising of process information to Avoid Attacks to essential services. in Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016., 7818684, Institute of Electrical and Electronics Engineers Inc., pp. 635-641, 4th International Symposium on Computing and Networking, CANDAR 2016, Hiroshima, Japan, 11/22/16. https://doi.org/10.1109/CANDAR.2016.89
Sato M, Yamauchi T, Taniguchi H. Memory access monitoring and disguising of process information to Avoid Attacks to essential services. In Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016. Institute of Electrical and Electronics Engineers Inc. 2017. p. 635-641. 7818684 https://doi.org/10.1109/CANDAR.2016.89
Sato, Masaya ; Yamauchi, Toshihiro ; Taniguchi, Hideo. / Memory access monitoring and disguising of process information to Avoid Attacks to essential services. Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 635-641
@inproceedings{bd23dfb7c2c34a3b84b46cf2d74ceafc,
title = "Memory access monitoring and disguising of process information to Avoid Attacks to essential services",
abstract = "To prevent attacks on essential software and to mitigate damage, an attack avoiding method that complicates process identification from attackers is proposed. This method complicates the identification of essential services by replacing process information with dummy information. However, this method allows attackers to identify essential processes by detecting changes in process information. To address this problems and provide more complexity to process identification, this paper proposes a memory access monitoring by using a virtual machine monitor. By manipulating the page access permission, a virtual machine monitor detects page access, which includes process information, and replaces it with dummy information. This paper presents the design, implementation, and evaluation of the proposed method.",
keywords = "Attack avoidance, Process information, Virtualization",
author = "Masaya Sato and Toshihiro Yamauchi and Hideo Taniguchi",
year = "2017",
month = "1",
day = "13",
doi = "10.1109/CANDAR.2016.89",
language = "English",
pages = "635--641",
booktitle = "Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016",
publisher = "Institute of Electrical and Electronics Engineers Inc.",

}

TY - GEN

T1 - Memory access monitoring and disguising of process information to Avoid Attacks to essential services

AU - Sato, Masaya

AU - Yamauchi, Toshihiro

AU - Taniguchi, Hideo

PY - 2017/1/13

Y1 - 2017/1/13

N2 - To prevent attacks on essential software and to mitigate damage, an attack avoiding method that complicates process identification from attackers is proposed. This method complicates the identification of essential services by replacing process information with dummy information. However, this method allows attackers to identify essential processes by detecting changes in process information. To address this problems and provide more complexity to process identification, this paper proposes a memory access monitoring by using a virtual machine monitor. By manipulating the page access permission, a virtual machine monitor detects page access, which includes process information, and replaces it with dummy information. This paper presents the design, implementation, and evaluation of the proposed method.

AB - To prevent attacks on essential software and to mitigate damage, an attack avoiding method that complicates process identification from attackers is proposed. This method complicates the identification of essential services by replacing process information with dummy information. However, this method allows attackers to identify essential processes by detecting changes in process information. To address this problems and provide more complexity to process identification, this paper proposes a memory access monitoring by using a virtual machine monitor. By manipulating the page access permission, a virtual machine monitor detects page access, which includes process information, and replaces it with dummy information. This paper presents the design, implementation, and evaluation of the proposed method.

KW - Attack avoidance

KW - Process information

KW - Virtualization

UR - http://www.scopus.com/inward/record.url?scp=85015247451&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85015247451&partnerID=8YFLogxK

U2 - 10.1109/CANDAR.2016.89

DO - 10.1109/CANDAR.2016.89

M3 - Conference contribution

AN - SCOPUS:85015247451

SP - 635

EP - 641

BT - Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016

PB - Institute of Electrical and Electronics Engineers Inc.

ER -