Detection of Malware and Kernel-level Rootkits in Cloud Computing Environments

Cited by: 8
Authors
Win, Thu Yein [1]
Tianfield, Huaglory [1]
Mair, Quentin [1]
Affiliation
[1] Glasgow Caledonian Univ, Sch Engn & Built Environm, Cloud & Data Lab, Glasgow G4 0BA, Lanark, Scotland
Keywords
virtualization security; cloud security; malware detection; rootkit detection; support vector machine; virtual machine introspection;
DOI
10.1109/CSCloud.2015.54
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
Cyberattacks targeted at virtualization infrastructure underlying cloud computing services have become increasingly sophisticated. This paper presents a novel malware and rootkit detection system which protects the guests against different attacks. It combines system call monitoring and system call hashing on the guest kernel together with Support Vector Machines (SVM)-based external monitoring on the host. We demonstrate the effectiveness of our solution by evaluating it against well-known user-level malware as well as kernel-level rootkit attacks.
Pages: 295 - 300
Number of pages: 6
Related papers
50 in total
  • [1] Detecting and categorizing kernel-level rootkits to aid future detection
    Levine, JG
    Grizzard, JB
    Owen, HL
    IEEE SECURITY & PRIVACY, 2006, 4 (01) : 24 - 32
  • [2] On the Detection of Kernel-Level Rootkits Using Hardware Performance Counters
    Singh, Baljit
    Evtyushkin, Dmitry
    Elwell, Jesse
    Riley, Ryan
    Cervesato, Iliana
    PROCEEDINGS OF THE 2017 ACM ASIA CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY (ASIA CCS'17), 2017, : 483 - 493
  • [3] Detecting and categorizing kernel-level rootkits to aid future detection
    Georgia Institute of Technology
    Unknown
    Unknown
    Unknown
    Unknown
    IEEE Secur. Privacy, 2006, 1 (27-32):
  • [4] Malware Detection and Kernel Rootkit Prevention in Cloud Computing Environments
    Schmidt, Matthias
    Baumgaertner, Lars
    Graubner, Pablo
    Boeck, David
    Freisleben, Bernd
    PROCEEDINGS OF THE 19TH INTERNATIONAL EUROMICRO CONFERENCE ON PARALLEL, DISTRIBUTED, AND NETWORK-BASED PROCESSING, 2011, : 603 - 610
  • [5] Detecting Kernel-Level Rootkits Using Data Structure Invariants
    Baliga, Arati
    Ganapathy, Vinod
    Iftode, Liviu
    IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2011, 8 (05) : 670 - 684
  • [6] Automatic Mitigation of Kernel Rootkits in Cloud Environments
    Grimm, Jonathan
    Ahmed, Irfan
    Roussev, Vassil
    Bhatt, Manish
    Hong, Manpyo
    INFORMATION SECURITY APPLICATIONS, 2018, 10763 : 137 - 149
  • [7] VALKYRIE: BEHAVIORAL MALWARE DETECTION USING GLOBAL KERNEL-LEVEL TELEMETRY DATA
    Krasser, Sven
    Meyer, Brett
    Crenshaw, Patrick
    2015 IEEE INTERNATIONAL WORKSHOP ON MACHINE LEARNING FOR SIGNAL PROCESSING, 2015,
  • [8] Kernel-Level Rootkits Features to Train Learning Models Against Namespace Attacks on Containers
    Lee, Wonjun
    Nadim, Mohammad
    2020 7TH IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND CLOUD COMPUTING (CSCLOUD 2020)/2020 6TH IEEE INTERNATIONAL CONFERENCE ON EDGE COMPUTING AND SCALABLE CLOUD (EDGECOM 2020), 2020, : 50 - 55
  • [9] Malware Detection in Cloud Computing
    Hatem, Safaa Salam
    Wafy, Maged H.
    El-Khouly, Mahmoud M.
    INTERNATIONAL JOURNAL OF ADVANCED COMPUTER SCIENCE AND APPLICATIONS, 2014, 5 (04) : 187 - 192
  • [10] Back to Static Analysis for Kernel-Level Rootkit Detection
    Musavi, Seyyedeh Atefeh
    Kharrazi, Mehdi
    IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2014, 9 (09) : 1465 - 1476