Results 141 to 150 of about 17,798 (178)

Agent-Based File Extraction Using Virtual Machine Introspection

2021
Virtual machine introspection (VMI) can be defined as the external monitoring of virtual machines. In previous work, the importance of this technique for malware analysis and digital forensics has become apparent. However, in these domains the problem occurs that some information is not available in the main memory at all times.
Thomas Dangl, Benjamin Taubmann, Hans P. Reiser   +2 more
openaire   +1 more source

VE-VMI: High-Performance Virtual Machine Introspection Based on Virtualization Exception

2021 20th International Symposium on Parallel and Distributed Computing (ISPDC), 2021
Virtual machine introspection (VMI) mostly relies on memory virtualization mechanisms to enforce access restrictions on certain areas of the virtual machine (VM)’s physical memory, including the page tables managed by the guest OS. Consequently, the CPU will generate exceptions on any in-VM memory access not complying with the restrictions imposed by ...
Andrei Lutas, Gheorghe Sebestyen, Raul Tosa, Adrian Colesa   +3 more
openaire   +1 more source

CryptVMI: Encrypted Virtual Machine Introspection in the Cloud

2014 IEEE 7th International Conference on Cloud Computing, 2014
Virtualization techniques are the key in both public and private cloud computing environments. In such environments, multiple virtual instances are running on the same physical machine. The logical isolation between systems makes security assurance weaker than physically isolated systems.
Fangzhou Yao, Roy H. Campbell
openaire   +1 more source

A Universal Semantic Bridge for Virtual Machine Introspection

2011
All systems that utilize virtual machine introspection (VMI) need to overcome the disconnect between the low-level state that the hypervisor sees and its semantics within the guest. This problem has become well-known as the semanticgap. In this work, we introduce our tool, InSight, that establishes a semantic connection between the guest and the ...
Christian Schneider, Jonas Pfoh, Claudia Eckert   +2 more
openaire   +1 more source

Endpoint Configuration Compliance Monitoring via Virtual Machine Introspection

2010 43rd Hawaii International Conference on System Sciences, 2010
We describe a system for externally monitoring endpoint configuration compliance of an end user system that provides a high assurance monitoring function and data. Typical approaches to monitoring for endpoint configuration compliance rely on the integrity of the endpoint's operating system and do not protect the monitoring function from subversion or ...
Darrell Kienzle, Ryan Persaud, Matthew Elder   +2 more
openaire   +1 more source

K-binID: Kernel binary code identification for Virtual Machine Introspection

2017 IEEE Conference on Dependable and Secure Computing, 2017
Virtual Machine Introspection (VMI) techniques generally employ kernel symbols to obtain addresses of kernel data and functions of interest to monitor guest OS states and activities. However, employing kernel symbols in an Infrastructure as a Service (IaaS) cloud presumes perfect knowledge of what kernel version and customization is running in an ...
Hebbal, Yacine, Laniepce, Sylvie, Menaud, Jean-Marc   +2 more
openaire   +2 more sources

Evolution of digital forensics in virtualization by using virtual machine introspection

Proceedings of the 51st ACM Southeast Conference, 2013
Computer virtualization is not a new technology, it has become increasingly important because of the many advantages it offers to businesses and individuals to reduce costs, while introducing new challenges to the field of digital forensics. As virtualization continues to be adopted by more and more companies every year, malware and hacker attacks are ...
James Poore, Juan Carlos Flores, Travis Atkison   +2 more
openaire   +1 more source

Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection

2011 IEEE Symposium on Security and Privacy, 2011
Introspection has featured prominently in many recent security solutions, such as virtual machine-based intrusion detection, forensic memory analysis, and low-artifact malware analysis. Widespread adoption of these approaches, however, has been hampered by the semantic gap: in order to extract meaningful information about the current state of a virtual
Brendan Dolan-Gavitt, Tim Leek, Michael Zhivich, Jonathon Giffin, Wenke Lee   +4 more
openaire   +1 more source

Dynamic malware detection and recording using virtual machine introspection

DSCI - Best Practices Meet 2013, 2013
Detecting and collecting malware samples is considered to be a milestone in computer security. Recording entire Virtual Machine (VM) activities requires considerable resources and it is not the wiser choice too. Our approach is combination of Virtual machine introspection (VMI), file system clustering, malware activity recording. The proposed framework
Asit More, Shashikala Tapaswi
openaire   +1 more source

Exploring Efficient and Robust Virtual Machine Introspection Techniques

2015
Upon practical implementation of virtual machine introspection (VMI), administrators may be overwhelmed by dozens of research works. Specifically, the adopted introspection mechanism perform differently with regard to various performance and security requirements.
Chonghua Wang, Xiaochun Yun, Zhiyu Hao, Lei Cui, Yandong Han, Qingxin Zou   +5 more
openaire   +1 more source