Abstract
To prevent attacks on essential software and to mitigate damage, an attack avoiding method that complicates process identification from attackers is proposed. This method complicates the identification of essential services by replacing process information with dummy information. However, this method allows attackers to identify essential processes by detecting changes in process information. To address this problems and provide more complexity to process identification, this paper proposes a memory access monitoring by using a virtual machine monitor. By manipulating the page access permission, a virtual machine monitor detects page access, which includes process information, and replaces it with dummy information. This paper presents the design, implementation, and evaluation of the proposed method.
| Original language | English |
|---|---|
| Title of host publication | Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016 |
| Publisher | Institute of Electrical and Electronics Engineers Inc. |
| Pages | 635-641 |
| Number of pages | 7 |
| ISBN (Electronic) | 9781509026555 |
| DOIs | |
| Publication status | Published - Jan 13 2017 |
| Event | 4th International Symposium on Computing and Networking, CANDAR 2016 - Hiroshima, Japan Duration: Nov 22 2016 → Nov 25 2016 |
Other
| Other | 4th International Symposium on Computing and Networking, CANDAR 2016 |
|---|---|
| Country | Japan |
| City | Hiroshima |
| Period | 11/22/16 → 11/25/16 |
Keywords
- Attack avoidance
- Process information
- Virtualization
ASJC Scopus subject areas
- Computer Science Applications
- Hardware and Architecture
- Signal Processing
- Computer Networks and Communications