Intrusion detection systems continuously watch the activity on a network or computer, looking for evidence of attacks and intrusions. However, host-based intrusion detectors are particularly vulnerable, as they can be disabled or tampered with by successful intruders. This work proposes and implements an architecture model aimed at protecting host-based intrusion detectors through the application of the virtual machine concept. Virtual machine environments are becoming an interesting alternative for several computing systems due to their advantages in terms of cost and portability. The architecture proposed here uses the separation of execution spaces provided by a virtual machine monitor to separate the intrusion detection system from the system under monitoring. As a consequence, the intrusion detector becomes invisible and inaccessible to intruders. The prototype implementation and the tests performed show the viability of this solution.