Memory access monitoring and disguising of process information to Avoid Attacks to essential services

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

To prevent attacks on essential software and to mitigate damage, an attack avoiding method that complicates process identification from attackers is proposed. This method complicates the identification of essential services by replacing process information with dummy information. However, this method allows attackers to identify essential processes by detecting changes in process information. To address this problems and provide more complexity to process identification, this paper proposes a memory access monitoring by using a virtual machine monitor. By manipulating the page access permission, a virtual machine monitor detects page access, which includes process information, and replaces it with dummy information. This paper presents the design, implementation, and evaluation of the proposed method.

Original languageEnglish
Title of host publicationProceedings - 2016 4th International Symposium on Computing and Networking, CANDAR 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages635-641
Number of pages7
ISBN (Electronic)9781509026555
DOIs
Publication statusPublished - Jan 13 2017
Event4th International Symposium on Computing and Networking, CANDAR 2016 - Hiroshima, Japan
Duration: Nov 22 2016Nov 25 2016

Other

Other4th International Symposium on Computing and Networking, CANDAR 2016
CountryJapan
CityHiroshima
Period11/22/1611/25/16

Keywords

  • Attack avoidance
  • Process information
  • Virtualization

ASJC Scopus subject areas

  • Computer Science Applications
  • Hardware and Architecture
  • Signal Processing
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Memory access monitoring and disguising of process information to Avoid Attacks to essential services'. Together they form a unique fingerprint.

Cite this