fulltext20210811-7.pdf 169 KB
Sato, Masaya Graduate School of Natural Science and Technology, Okayama University ORCID Kaken ID publons researchmap
Yamauchi, Toshihiro Graduate School of Natural Science and Technology, Okayama University ORCID Kaken ID publons researchmap
To prevent attacks on essential software and to mitigate damage, an attack avoiding method that complicates process identification from attackers is proposed. This method complicates the identification of essential services by replacing process information with dummy information. However, this method allows attackers to identify essential processes by detecting changes in process information. To address this problems and provide more complexity to process identification, this paper proposes a memory access monitoring by using a virtual machine monitor. By manipulating the page access permission, a virtual machine monitor detects page access, which includes process information, and replaces it with dummy information. This paper presents the design, implementation, and evaluation of the proposed method.
© 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.
4th International Symposium on Computing and Networking (CANDAR), Hiroshima, JAPAN(NOV 22-25, 2016)
2016 Fourth International Symposium on Computing and Networking (CANDAR)
© 2016 IEEE.
|Web of Science KeyUT|