A Virtualization-Based Approach for Application Whitelisting

被引：0

作者：

Tian, Donghai ^{[1
,2
]}

Xue, Jingfeng ^{[1
]}

Hu, Changzhen ^{[1
]}

Li, Xuanya ^{[3
]}

机构：

[1] Beijing Inst Technol, Sch Software, Beijing, Peoples R China

[2] Chinese Acad Sci, Inst Informat Engn, State Key Lab Informat Secur, Beijing 100093, Peoples R China

[3] Chinese Acad Sci, Inst Informat Engn, Natl Engn Lab Informat Secur Technol, Beijing 100093, Peoples R China

来源：

IEICE TRANSACTIONS ON INFORMATION AND SYSTEMS | 2014年 / E97D卷 / 06期

关键词：

whitelisting; virtualization technology;

D O I：

10.1587/transinf.E97.D.1648

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

A whitelisting approach is a promising solution to prevent unwanted processes (e.g., malware) getting executed. However, previous solutions suffer from limitations in that: 1) Most methods place the whitelist information in the kernel space, which could be tempered by attackers; 2) Most methods cannot prevent the execution of kernel processes. In this paper, we present VAW, a novel application whitelisting system by using the virtualization technology. Our system is able to block the execution of unauthorized user and kernel processes. Compared with the previous solutions, our approach can achieve stronger security guarantees. The experiments show that VAW can deny the execution of unwanted processes effectively with a little performance overhead.

引用

页码：1648 / 1651

页数：4

共 50 条

[1] Virtualization-based recovery approach for intrusion tolerance
Huang, Jian-Hua
Huang, Jun
Li, Rong
Li, Xiao-Ming
[J]. Information Technology Journal, 2013, 12 (03) : 385 - 390
[2] CAFE: A Virtualization-Based Approach to Protecting Sensitive Cloud Application Logic Confidentiality
Park, Sungjin
Kim, Chung Hwan
Rhee, Junghwan
Won, Jong-Jin
Han, Taisook
Xu, Dongyan
[J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2020, 17 (04) : 883 - 897
[3] A VIRTUALIZATION-BASED APPROACH TO DEPENDABLE SERVICE COMPUTING
Dobre, Ciprian
Pop, Florin
Cristea, Valentin
Achim, Ovidiu-Marian
[J]. SCALABLE COMPUTING-PRACTICE AND EXPERIENCE, 2011, 12 (03): : 337 - 350
[4] Analysis of a Virtualization-based Recovery approach for Intrusion Tolerance Systems
Huang, Jianhua
Ai, Qing
[J]. 2013 INTERNATIONAL CONFERENCE ON COMPUTER SCIENCES AND APPLICATIONS (CSA), 2013, : 41 - 46
[5] Efficient Virtualization-Based Fault Tolerance
Tsao, Po-Jui
Sun, Yi-feng
Chen, Li-Han
Cho, Chuan-Yu
[J]. 2016 INTERNATIONAL COMPUTER SYMPOSIUM (ICS), 2016, : 114 - 119
[6] Virtualization-based Cognitive Radio Networks
Al-Ayyoub, Mahmoud
Jararweh, Yaser
Doulat, Ahmad
Salameh, Haythem A. Bany
Al Aziz, Ahmad Al Abed
Alsmirat, Mohammad
Khreishah, Abdallah A.
[J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2016, 117 : 15 - 29
[7] Multiple attacks on virtualization-based security monitoring
[J]. Pan, Li-Min (panlimin@bit.edu.cn), 1600, Beijing Institute of Technology (25):
[8] Overshadow: A virtualization-based approach to retrofitting protection in commodity operating systems
Chen, Xiaoxin
Garfinkel, Tal
Lewis, E. Christopher
Subrahmanyam, Pratap
Waldspurger, Carl A.
Boneh, Dan
Dwoskin, Jeffrey
Ports, Dan R. K.
[J]. ACM SIGPLAN NOTICES, 2008, 43 (03) : 2 - 13
[9] Multiple attacks on virtualization-based security monitoring
闫广禄
罗森林
韦伟
潘丽敏
[J]. Journal of Beijing Institute of Technology, 2016, 25 (02) : 254 - 263
[10] vmOS: A virtualization-based, secure desktop system
Liang, Hongliang
Li, Mingyu
Xu, Jian
Hu, Wenying
Pei, Xiaoxiao
Jia, Xiaodong
Song, Yan
[J]. COMPUTERS & SECURITY, 2017, 65 : 329 - 343

← 1 2 3 4 5 →