TY - GEN
T1 - Memory access monitoring and disguising of process information to Avoid Attacks to essential services
AU - Sato, Masaya
AU - Yamauchi, Toshihiro
AU - Taniguchi, Hideo
N1 - Publisher Copyright:
© 2016 IEEE.
PY - 2017/1/13
Y1 - 2017/1/13
N2 - To prevent attacks on essential software and to mitigate damage, an attack avoiding method that complicates process identification from attackers is proposed. This method complicates the identification of essential services by replacing process information with dummy information. However, this method allows attackers to identify essential processes by detecting changes in process information. To address this problems and provide more complexity to process identification, this paper proposes a memory access monitoring by using a virtual machine monitor. By manipulating the page access permission, a virtual machine monitor detects page access, which includes process information, and replaces it with dummy information. This paper presents the design, implementation, and evaluation of the proposed method.
AB - To prevent attacks on essential software and to mitigate damage, an attack avoiding method that complicates process identification from attackers is proposed. This method complicates the identification of essential services by replacing process information with dummy information. However, this method allows attackers to identify essential processes by detecting changes in process information. To address this problems and provide more complexity to process identification, this paper proposes a memory access monitoring by using a virtual machine monitor. By manipulating the page access permission, a virtual machine monitor detects page access, which includes process information, and replaces it with dummy information. This paper presents the design, implementation, and evaluation of the proposed method.
KW - Attack avoidance
KW - Process information
KW - Virtualization
UR - http://www.scopus.com/inward/record.url?scp=85015247451&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85015247451&partnerID=8YFLogxK
U2 - 10.1109/CANDAR.2016.89
DO - 10.1109/CANDAR.2016.89
M3 - Conference contribution
AN - SCOPUS:85015247451
T3 - Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016
SP - 635
EP - 641
BT - Proceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 4th International Symposium on Computing and Networking, CANDAR 2016
Y2 - 22 November 2016 through 25 November 2016
ER -