Virtual machine-provided context sensitive page mappings

VEE'08 - Proceedings of the 4th International Conference on Virtual Execution Environments

Volumn , Issue , 2008, Pages 81-89

  Rosenblum, Nathan E ^a   Cooksey, Gregory ^a   Miller, Barton P ^a  

^a University of Wisconsin   (United States)

Author keywords

Context sensitive memory; Self checksumming code; Virtual machine monitor; Xen

Indexed keywords

CHECKSUMMING; CONTEXT SENSITIVE; DATA CONTEXTS; EXECUTABLE CODES; HYPERVISOR; MEMORY MANAGEMENT; MEMORY REFERENCES; OPERATING SYSTEMS; PERFORMANCE PENALTIES; TAMPER-RESISTANT; VIRTUAL ADDRESS; VIRTUAL MACHINE MONITORS; VIRTUAL MACHINES;

COMPUTER OPERATING SYSTEMS;

MAPPING;

EID: 77952396282     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1346256.1346268     Document Type: Conference Paper

References (16)

1. ASPACK SOFTWARE. ASProtect Website, http ://www.aspack.com/asprotect. html.
2. BARHAM, P., DRAGOVIC, B., FRASER, K., HAND, S., HARRIS, T., Ho, A., NEUGEBAUER, R., PRATT, I., AND WARFIELD, A. Xen and the art of virtualization. In SOSP '03: Proceedings of the nineteenth ACM symposium on Operating systems principles (New York, NY, USA, 2003), ACM Press, pp. 164-177.
3. BUCK, B., AND HOLLINGSWORTH, J. K. An api for runtime code patching. Int. J. High Perform. Comput. Appl. 14, 4 (2000), 317-329.
4. BUTLER, J., UNDERCOFFER, J., AND PINKSTON, J. Hidden processes: the implication for intrusion detection. In Information Assurance Workshop, 2003. IEEE Systems, Man and Cybernetics Society (2003), pp. 116-121.
5. GARFINKEL, T., AND ROSENBLUM, M. A virtual machine introspection based architecture for intrusion detection. In Proc. Network and Distributed Systems Security Symposium (February 2003).
6. GIFFIN, J. T., CHRISTODORESCU, M., AND KRUGER, L. Strengthening software self-checksumming via self-modifying code. In ACSAC '05: Proceedings of the 21st Annual Computer Security Applications Conference (Washington, DC, USA, 2005), IEEE Computer Society, pp. 23-32.
7. HOLLINGSWORTH, J. K., NIAM, O., MILLER, B. P., Xu, Z., GONCALVES, M. J. R., AND ZHENG, L. MDL: A language and compiler for dynamic program instrumentation. In PACT '97: Proceedings of the 1997 International Conference on Parallel Architectures and Compilation Techniques (Washington, DC, USA, 1997), IEEE Computer Society, p. 201.
8. JONES, S. T. Implicit Operating System Awareness in a Virtual Machine Monitor. PhD thesis, University of Wisconsin-Madison, 2007.
9. KRUEGEL, C., ROBERTSON, W., AND VIGNA, G. Detecting kernellevel rootkits through binary analysis. ACSAC '04: Proceedings of the 20th Annual Computer Security Applications Conference (2004), 91-100.
10. MORGENSTERN, M., AND BROSCH, T. Runtime Packers: The Hidden Problem? In Black Hat USA (Las Vegas, USA, 2007).
11. PAX TEAM. PaX. http://pax.grsecurity.net.
12. SPARKS, S., AND BUTLER, J. "Shadow Walker": Raising the bar for rootkit detection. In Black Hat Japan (Tokyo, Japan, 2005).
13. VAN DE VEN, A. New security enhancements in red hat enterprise linux V.3, update 3. Tech. rep., Red Hat, Inc., 2004.
14. VAN OORSCHOT, P. C., SOMAYAJI, A., AND WURSTER, G. Hardware-assisted circumvention of self-hashing software tamper resistance. IEEE Trans. Dependable Secur. Comput. 2, 2 (2005), 82-92.
15. VON NEUMANN, J. First draft of a report on the EDVAC. IEEE Ann. Hist. Comput. 15, 4 (1993), 27-75.
16. WURSTER, G., VAN OORSCHOT, P., AND SOMAYAJI, A. A generic attack on checksumming-based software tamper resistance. In IEEE Symposium on Security and Privacy (2005), IEEE Computer Society, pp. 127-138.