Simulating Windows-Based Cyber Attacks Using Live Virtual Machine Introspection
Static memory analysis has been proven a valuable technique for digital forensics. However, the memory capture technique halts the system causing the loss of important dynamic system data.
Peterson, Gilbert L. +3 more
core +1 more source
Assessing performance overhead of Virtual Machine Introspection and its suitability for malware analysis [PDF]
Virtual Machine Introspection is the process of introspecting guest VM’s memory and reconstructing the state of the guest operating system. Due to its isolation, stealth and full visibility of the monitored target, VMI lends itself well for security ...
Paakkola, Sebastian
core
CryptVMI: Encrypted Virtual Machine Introspection in the Cloud. Submitted for Review,
-Virtualization techniques are the key in both public and private cloud computing environments. In such environments, multiple virtual instances are running on the same physical machine.
Roy H Campbell, Fangzhou Yao
core
Simulating the Network Environment of Sandboxes to Hide Virtual Machine Introspection Pauses
International audienceVirtual Machine Introspection (VMI) is used by sandbox-based dynamic malware detection and analysis frameworks to observemalware samples while staying isolated and stealthy.
Simonin, Matthieu +3 more
core +1 more source
Secure Virtualization Environment Based on Advanced Memory Introspection
Most existing virtual machine introspection (VMI) technologies analyze the status of a target virtual machine under the assumption that the operating system (OS) version and kernel structure information are known at the hypervisor level.
Xiaohui Han +4 more
core +1 more source
Virtual Machine Forensics by means of Introspection and Kernel Code Injection
9th International Conference on Cyber Warfare and Security, Purdue University, West Lafayette, Indiana, United States, 24-25 March 2014Virtual Machine Introspection offers the ability to access a virtual machine remotely and extract informationfrom it ...
Kechadi, Tahar, Tobin, Patrick
core
Hypervisor introspection: a technique for evading passive virtual machine monitoring [PDF]
Virtualization technology has enabled powerful security monitoring techniques, such as virtual machine introspection (VMI). These monitoring techniques, however, rely on the assumed isolation of virtualized environments from the hypervisor.
Wang, Gary L
core
Building Trustworthy Intrusion Detection through VM Introspection
Psyco-Virt is a high assurance intrusion detection tool that merges host and network intrusion detection technologies with virtual machine introspection.
Fabrizio Baiardi +3 more
core +1 more source
Leveraging Forensic Tools for Virtual Machine Introspection
Virtual machine introspection (VMI) has formed the basis of a number of novel approaches to security in recent years. Although the isolation provided by a virtualized environment provides improved security, software that makes use of VMI must overcome ...
Lee, Wenke +2 more
core
Anomaly based Intrusion Detection System through Remote Virtual Machine Introspection
Research on identifying malicious applications is an important direction in information security, especially when it comes to detection of evasive malware such as keyloggers, trojans, rootkits and their derivatives. Inspired by a biological immune system
Huseynov, Huseyn
core

