0000000000634212

AUTHOR

Anat Anatey Leon Zabag

showing 2 related works from this author

Hypervisor-assisted dynamic malware analysis

2021

AbstractMalware analysis is a task of utmost importance in cyber-security. Two approaches exist for malware analysis: static and dynamic. Modern malware uses an abundance of techniques to evade both dynamic and static analysis tools. Current dynamic analysis solutions either make modifications to the running malware or use a higher privilege component that does the actual analysis. The former can be easily detected by sophisticated malware while the latter often induces a significant performance overhead. We propose a method that performs malware analysis within the context of the OS itself. Furthermore, the analysis component is camouflaged by a hypervisor, which makes it completely transp…

Computer engineering. Computer hardwareSoftware_OPERATINGSYSTEMSvirtualisointiComputer Networks and CommunicationsComputer scienceContext (language use)Static program analysiscomputer.software_genreTK7885-7895Artificial IntelligenceComponent (UML)Overhead (computing)tietoturvaMalware analysiskyberturvallisuusbusiness.industryHypervisorQA75.5-76.95haittaohjelmatComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMSTask (computing)Electronic computers. Computer scienceEmbedded systemMalwarebusinesscomputerSoftwareInformation SystemsCybersecurity
researchProduct

Hypervisor-Based White Listing of Executables

2019

We describe an efficient system for ensuring code integrity of an operating system (OS), both its own code and application code. The proposed system can protect from an attacker who has full control over the OS kernel. An evaluation of the system's performance suggests the induced overhead is negligible. peerReviewed

operating systemsmicroprogrammingdatabasesvirtualisointiComputer Networks and CommunicationsComputer science0211 other engineering and technologiesListing (computer)02 engineering and technologycomputer.software_genre020204 information systemsMicrocode0202 electrical engineering electronic engineering information engineeringCode (cryptography)Overhead (computing)virtual machine monitorstietoturvaElectrical and Electronic Engineeringimage segmentation021110 strategic defence & security studieskäyttöjärjestelmätLinuxHypervisorcomputer.file_formatmonitoringOperating systemohjelmointiExecutableLawcomputerIEEE Security & Privacy
researchProduct