Using VisorFlow to Control Information Flow without Modifying the Operating System Kernel or its Userspace

Cited by: 0
Authors
Shockley, Matt [1]
Maixner, Chris [1]
Johnson, Ryan [2]
DeRidder, Mitch [1]
Petullo, W. Michael [1]
Affiliations
[1] US Mil Acad, West Point, NY 10996 USA
[2] US Army Cyber Sch, Ft Gordon, GA USA
Funding
US National Science Foundation;
Keywords
DOI
10.1145/3139923.3139924
Chinese Library Classification number
TP [Automation technology, computer technology];
Discipline classification code
0812;
Abstract
VISORFLOW aims to monitor the flow of information between processes without requiring modifications to the operating system kernel or its userspace. VISORFLOW runs in a privileged Xen domain and monitors the system calls executing in other domains running either Linux or Windows. VISORFLOW uses its observations to prevent confidential information from leaving a local network. We describe the design and implementation of VISORFLOW, describe how we used VISORFLOW to confine naive users and malicious insiders during the 2017 Cyber-Defense Exercise, and provide performance measurements. We have released VISORFLOW and its companion library, libguestrace, as open-source software.
Pages: 13-24
Page count: 12
Related papers
50 in total
  • [31] Active boundary layer control system using vortex generating jets and operating by the detection of precursor of flow separation
    Hasegawa H.
    Kumagai S.
    International Journal of Flow Control, 2010, 2 (03) : 155 - 167
  • [32] Preserving privacy in the web by using information flow control
    Hutter, Dieter
    LONG-TERM AND DYNAMICAL ASPECTS OF INFORMATION SECURITY: EMERGING TRENDS IN INFORMATION AND COMMUNICATION SECURITY, 2007, : 29 - 44
  • [33] Using Robotic Operating System (ROS) to control autonomous observatories
    Vilardell, Francesc
    Artigues, Gabriel
    Sanz, Josep
    Garcia-Piquer, Alvaro
    Colome, Josep
    Ribas, Ignasi
    SOFTWARE AND CYBERINFRASTRUCTURE FOR ASTRONOMY IV, 2016, 9913
  • [34] AN IMPLEMENTATION OF AN OPERATING SYSTEM KERNEL USING CONCURRENT OBJECT ORIENTED LANGUAGE ABCL/C+
    DOI, N
    KODAMA, Y
    HIROSE, K
    LECTURE NOTES IN COMPUTER SCIENCE, 1988, 322 : 250 - 266
  • [35] KCoFI: Complete Control-Flow Integrity for Commodity Operating System Kernels
    Criswell, John
    Dautenhahn, Nathan
    Adve, Vikram
    2014 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP 2014), 2014, : 292 - 307
  • [36] Time sensitive control flow checking for multitask operating system based SoCs
    Vargas, Fabian
    Piccoll, Leonardo
    Benfica, Juliano
    de Alecrim, Antonio A., Jr.
    Moraes, Marlon
    13TH IEEE INTERNATIONAL ON-LINE TESTING SYMPOSIUM PROCEEDINGS, 2007, : 93 - 98
  • [37] Operating point control system for a continuous flow artificial heart: In vitro study
    Kosaka, R
    Yanagi, K
    Sato, T
    Ishitoya, H
    Ichikawa, S
    Motomura, T
    Kawahito, S
    Mikami, M
    Linneweber, J
    Nonaka, K
    Takano, T
    Glueck, J
    Sankai, Y
    Nosè, Y
    ASAIO JOURNAL, 2003, 49 (03) : 259 - 264
  • [38] Intelligent operating point control system for a continuous-flow artificial heart
    Sato, T.
    Yoshizawa, M.
    Sankai, Y.
    Nosé, Yukihiko
    ASAIO Journal, 2000, 46 (02)
  • [39] Identifying Operating System Using Flow-Based Traffic Fingerprinting
    Jirsik, Tomas
    Celeda, Pavel
    ADVANCES IN COMMUNICATION NETWORKING, 2014, 8846 : 70 - 73
  • [40] MODELING THE THERMOREGULATORY CONTROL-SYSTEM USING KERNEL-METHOD
    AHMED, AK
    IMAGES OF THE TWENTY-FIRST CENTURY, PTS 1-6, 1989, 11 : 308 - 309