Using VisorFlow to Control Information Flow without Modifying the Operating System Kernel or its Userspace

Cited by: 0
Authors
Shockley, Matt [1 ]
Maixner, Chris [1 ]
Johnson, Ryan [2 ]
DeRidder, Mitch [1 ]
Petullo, W. Michael [1 ]
Affiliations
[1] US Mil Acad, West Point, NY 10996 USA
[2] US Army Cyber Sch, Ft Gordon, GA USA
Funding
US National Science Foundation
Keywords
DOI
10.1145/3139923.3139924
Chinese Library Classification number
TP [Automation technology, computer technology]
Discipline classification code
0812
Abstract
VISORFLOW aims to monitor the flow of information between processes without requiring modifications to the operating system kernel or its userspace. VISORFLOW runs in a privileged Xen domain and monitors the system calls executing in other domains running either Linux or Windows. VISORFLOW uses its observations to prevent confidential information from leaving a local network. We describe the design and implementation of VISORFLOW, describe how we used VISORFLOW to confine naive users and malicious insiders during the 2017 Cyber-Defense Exercise, and provide performance measurements. We have released VISORFLOW and its companion library, libguestrace, as open-source software.
Pages: 13-24
Page count: 12