Endpoint Configuration Compliance Monitoring via Virtual Machine Introspection

Cited by: 0
Authors
Kienzle, Darrell
Persaud, Ryan
Elder, Matthew
Institution
Keywords
DOI
Not available
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202;
Abstract
We describe a system for externally monitoring endpoint configuration compliance of an end user system that provides a high assurance monitoring function and data. Typical approaches to monitoring for endpoint configuration compliance rely on the integrity of the endpoint's operating system and do not protect the monitoring function from subversion or spoofing by threats from within the monitored system. Our approach utilizes (1) a virtual machine architecture on the endpoint system to protect the monitoring function and (2) virtual machine introspection of the end user's environment. In this paper we describe our approach to external monitoring of endpoint configuration compliance, present the technical details of our monitoring system, provide a description of some experimentation and observations, and discuss some of the issues associated with external monitoring.
Pages: 926 - 935
Page count: 10
Related papers
50 items in total
  • [21] Virtual machine introspection: towards bridging the semantic gap
    More, Asit
    Tapaswi, Shashikala
    JOURNAL OF CLOUD COMPUTING-ADVANCES SYSTEMS AND APPLICATIONS, 2014, 3 (03): : 1 - 14
  • [22] Bypassing Full Disk Encryption with Virtual Machine Introspection
    Hebbal, Yacine
    2019 IEEE/ACS 16TH INTERNATIONAL CONFERENCE ON COMPUTER SYSTEMS AND APPLICATIONS (AICCSA 2019), 2019,
  • [23] VICI-Virtual Machine Introspection for Cognitive Immunity
    Fraser, Timothy
    Evenson, Matthew R.
    Arbaugh, William A.
    24TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS, 2008, : 87 - 96
  • [24] Insider Threat Detection using Virtual Machine Introspection
    Crawford, Martin
    Peterson, Gilbert
    PROCEEDINGS OF THE 46TH ANNUAL HAWAII INTERNATIONAL CONFERENCE ON SYSTEM SCIENCES, 2013, : 1821 - 1830
  • [25] Investigating the Implications of Virtual Machine Introspection for Digital Forensics
    Nance, Kara
    Hay, Brian
    Bishop, Matt
    2009 INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY (ARES), VOLS 1 AND 2, 2009, : 1024 - +
  • [26] Virtuoso: Narrowing the Semantic Gap in Virtual Machine Introspection
    Dolan-Gavitt, Brendan
    Leek, Tim
    Zhivich, Michael
    Giffin, Jonathon
    Lee, Wenke
    2011 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP 2011), 2011, : 297 - 312
  • [27] Malware detection for container runtime based on virtual machine introspection
    He, Xinfeng
    Li, Riyang
    JOURNAL OF SUPERCOMPUTING, 2024, 80 (06): : 7245 - 7268
  • [28] Towards Hypervisor Support for Enhancing the Performance of Virtual Machine Introspection
    Taubmann, Benjamin
    Reiser, Hans P.
    DISTRIBUTED APPLICATIONS AND INTEROPERABLE SYSTEMS, DAIS 2020, 2020, 12135 : 41 - 54
  • [29] Malware detection for container runtime based on virtual machine introspection
    Xinfeng He
    Riyang Li
    The Journal of Supercomputing, 2024, 80 (6) : 7245 - 7268
  • [30] Memory Forensics Using Virtual Machine Introspection for Malware Analysis
    Tien, Chin-Wei
    Liao, Jian-Wei
    Chang, Shun-Chieh
    Kuo, Sy-Yen
    2017 IEEE CONFERENCE ON DEPENDABLE AND SECURE COMPUTING, 2017, : 518 - 519