Catch you with cache: Out-of-VM introspection to trace malicious executions

Catch you with cache: Out-of-VM introspection to trace malicious executions

Out-of-VM introspection is an imperative part of security analysis. The legacy methods either modify the system, introducing enormous overhead, or rely heavily on hardware features, which are neither available nor practical in most cloud environments. In this paper, we propose a novel analysis metho...

Full description

Saved in:

Bibliographic Details
Main Authors:	SU, Chao, DING, Xuhua, ZENG, Qinghai
Format:	text
Language:	English
Published:	Institutional Knowledge at Singapore Management University 2021
Subjects:	Out-of-VM Introspection Cache Malware Analysis Non-intrusiveness Transparency Databases and Information Systems Information Security
Online Access:	https://ink.library.smu.edu.sg/sis_research/6737 https://ink.library.smu.edu.sg/context/sis_research/article/7740/viewcontent/357200a326.pdf
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Singapore Management University
Language:	English

Similar Items

Note on unawareness: Negative Introspection versus AU Introspection (and KU Introspection)
by: Chen, Y.-C., et al.
Published: (2014)

A coprocessor-based introspection framework via intel management engine
by: ZHOU, Lei, et al.
Published: (2021)

Research on the performance of xVM virtual machine based on HPCC
by: Zhao, T., et al.
Published: (2013)

A virtualization based system infrastructure for dynamic program analysis
by: HONG, Jiaqi
Published: (2020)

Automatic detection and analysis towards malicious behavior in IoT malware
by: LI, Sen, et al.
Published: (2023)

Time-aware VM-placement and routing with bandwidth guarantees in green cloud data centers
by: Dalvandi, A., et al.
Published: (2014)

A software environment for confining malicious android applications via resource virtualization
by: Li, X., et al.
Published: (2014)

Linear Obfuscation to Combat Symbolic Execution
by: WANG, Zhi, et al.
Published: (2011)

Understanding Android app piggybacking: A systematic study of malicious code grafting
by: LI, Li, et al.
Published: (2017)

EARLY DETECTION OF INTERNET-OF-THINGS BOTNETS
by: AYUSH KUMAR
Published: (2021)

Enhancing host security using external environment sensors
by: Chang, E.-C., et al.
Published: (2013)

Unmasking the lurking: Malicious behavior detection for IoT malware with multi-label classification
by: FENG, Ruitao, et al.
Published: (2024)

How to resuscitate a sick VM in the cloud
by: DING, Xuhua
Published: (2023)

Malware detection with open source security information and event management (OSSIM)
by: Loh, Yi Hong
Published: (2024)

The Pitfalls of a State in Transition Myanmar 1974-2000
by: KOH KIM SENG
Published: (2010)

Characterizing malicious Android apps by mining topic-specific data flow signatures
by: YANG, Xinli, et al.
Published: (2017)

DynOpVm: VM-based software obfuscation with dynamic opcode mapping
by: CHENG, Xiaoyang, et al.
Published: (2019)

Seeing through the same lens: Introspecting guest address space at native speed
by: ZHAO, Siqi, et al.
Published: (2017)

A multi-view context-aware approach to Android malware detection and malicious code localization
by: Narayanan, Annamalai, et al.
Published: (2020)

Implementation of common attack techniques and detection of malicious binaries and executables using machine learning-based detector in Microsoft Windows environment
by: Ladrido, John Martin M.
Published: (2021)

SMILE: Secure memory introspection for live enclave
by: ZHOU, Lei, et al.
Published: (2022)

A defense of incorrigibility and self-intimation
by: LAI TONGDE, LEON
Published: (2010)

An Intrusion Response Decision-Making Model Based on Hierarchical Task Network Planning
by: MU, Chengpo, et al.
Published: (2010)

Insights into Malware Detection and Prevention on Mobile Phones
by: YAN, Qiang, et al.
Published: (2009)

RansomSOC: A more effective security operations center to detect and respond to ransomware attacks
by: LAI, Anthony Cheuk Tung, et al.
Published: (2022)

A Dynamic Trust Management Scheme to Mitigate Malware Proliferation in P2P Networks
by: DING, Xuhua, et al.
Published: (2008)

Detection and classification of malicious JavaScript via attack behavior modelling
by: XUE, Yinxing, et al.
Published: (2015)

Risk balance defense approach against intrusions for network server
by: MU, Chengpo, et al.
Published: (2013)

Design and development of a hybrid metamorphic portable executable malware detection system
by: Diaz, Julianne Alyson I.
Published: (2022)

Virus doctor in a box
by: Lo, Jefferson
Published: (2007)

On Challenges in Evaluating Malware Clustering
by: LI, Peng, et al.
Published: (2010)

deRop: Removing Return-Oriented Programming from Malware
by: LU, Kangjie, et al.
Published: (2011)

SDAC: A slow-aging solution for Android malware detection using semantic distance based API clustering
by: XU, Jiayun, et al.
Published: (2022)

Accelerating optimistic HLA-based simulations in virtual execution environments
by: LI, Zengxiang, et al.
Published: (2013)

LEARNING TO MAKE DECISIONS WITH INCOMPLETE INFORMATION: REINFORCEMENT LEARNING, INFORMATION GEOMETRY, AND REAL-LIFE APPLICATIONS
by: DEBABROTA BASU
Published: (2018)

Provenance graph generation for intrusion detection
by: Lim, Janesse Ziyi
Published: (2024)

A scalable approach for malware detection through bounded feature space behavior modeling
by: CHANDRAMOHAN, Mahinthan, et al.
Published: (2013)

Catch you if you deceive me: Verifiable and privacy-aware truth discovery in crowdsensing systems
by: XU, Guowen, et al.
Published: (2020)

Malicious KGC attacks in certificateless cryptography
by: AU, Man Ho, et al.
Published: (2007)

Empirical evaluation of minority oversampling techniques in the context of Android malware detection
by: SHAR, Lwin Khin, et al.
Published: (2021)