科技报告详细信息
Introducing Pathogen: A Real-Time Virtual Machine Introspection Framework
Roberts, Anthony ; McClatchey, Richard ; Liaquat, Saad ; Edwards, Nigel ; Wray, Mike
HP Development Company
关键词: Security;    Monitoring;    Introspection;    Malware;   
RP-ID  :  HPL-2013-55
学科分类:计算机科学(综合)
美国|英语
来源: HP Labs
PDF
【 摘 要 】

In recent years, malware has grown extremely rapidly in complexity and rates of system infection. Current generation anti-virus and anti-malware software provides system protection through the use of locally installed monitoring agents, which are dependent upon vendor generated signature and heuristic based rules. However, because these monitoring agents are installed within the systems they are trying to protect, they themselves are potential targets of attack by malware. Pathogen overcomes this issue by using a real-time system monitoring and analysis framework that utilises Virtual Machine introspection (VMI) to allow the monitoring of a system without the need for any locally installed agents. One of the main research problems in VMI is how to parse and interpret the memory of an executing system from outside of that system. Pathogen's contribution is a lightweight introspection framework that bridges the semantic gap.

【 预 览 】
附件列表
Files Size Format View
RO201804100000487LZ 223KB PDF download
  文献评价指标  
  下载次数:22次 浏览次数:48次