WEKO3
アイテム
Process Hiding by Virtual Machine Monitor for Attack Avoidance
https://ipsj.ixsq.nii.ac.jp/records/145072
https://ipsj.ixsq.nii.ac.jp/records/145072fe6af422-60bd-413c-9a8d-c36f7860049a
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JNL5609028.pdf (380.5 kB)
|
Copyright (c) 2015 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | Journal(1) | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 公開日 | 2015-09-15 | |||||||||||
| タイトル | ||||||||||||
| タイトル | Process Hiding by Virtual Machine Monitor for Attack Avoidance | |||||||||||
| タイトル | ||||||||||||
| 言語 | en | |||||||||||
| タイトル | Process Hiding by Virtual Machine Monitor for Attack Avoidance | |||||||||||
| 言語 | ||||||||||||
| 言語 | eng | |||||||||||
| キーワード | ||||||||||||
| 主題Scheme | Other | |||||||||||
| 主題 | [特集:社会に浸透していくコンピュータセキュリティ技術(推薦論文)] attack avoidance, process information, virtual machine | |||||||||||
| 資源タイプ | ||||||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||||||
| 資源タイプ | journal article | |||||||||||
| 著者所属 | ||||||||||||
| Graduate School of Natural Science and Technology, Okayama University | ||||||||||||
| 著者所属 | ||||||||||||
| Graduate School of Natural Science and Technology, Okayama University | ||||||||||||
| 著者所属 | ||||||||||||
| Graduate School of Natural Science and Technology, Okayama University | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| Graduate School of Natural Science and Technology, Okayama University | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| Graduate School of Natural Science and Technology, Okayama University | ||||||||||||
| 著者所属(英) | ||||||||||||
| en | ||||||||||||
| Graduate School of Natural Science and Technology, Okayama University | ||||||||||||
| 著者名 |
Masaya, Sato
× Masaya, Sato
× Toshihiro, Yamauchi
× Hideo, Taniguchi
|
|||||||||||
| 著者名(英) |
Masaya, Sato
× Masaya, Sato
× Toshihiro, Yamauchi
× Hideo, Taniguchi
|
|||||||||||
| 論文抄録 | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | As attacks to computers increase, protective software is developed. However, that software is still open to attacks by adversaries that disable its functionality. If that software is stopped or disabled, the risk of damage to the computer increases. Protections of that software are proposed however existing approaches are insufficient or cannot use those software without modification. To decrease the risk and to address these problems, this paper presents an attack avoidance method that hides process from adversaries who intend to terminate essential services. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems is unnecessary. \n------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.23(2015) No.5 (online) DOI http://dx.doi.org/10.2197/ipsjjip.23.673 ------------------------------ |
|||||||||||
| 論文抄録(英) | ||||||||||||
| 内容記述タイプ | Other | |||||||||||
| 内容記述 | As attacks to computers increase, protective software is developed. However, that software is still open to attacks by adversaries that disable its functionality. If that software is stopped or disabled, the risk of damage to the computer increases. Protections of that software are proposed however existing approaches are insufficient or cannot use those software without modification. To decrease the risk and to address these problems, this paper presents an attack avoidance method that hides process from adversaries who intend to terminate essential services. The proposed method complicates identification based on process information by dynamically replacing the information held by a kernel with dummy information. Replacing process information makes identifying the attack target difficult because adversaries cannot find the attack target by seeking the process information. Implementation of the proposed method with a virtual machine monitor enhances the security of the mechanism itself. Further, by implementing the proposed method with a virtual machine monitor, modification to operating systems is unnecessary. \n------------------------------ This is a preprint of an article intended for publication Journal of Information Processing(JIP). This preprint should not be cited. This article should be cited as: Journal of Information Processing Vol.23(2015) No.5 (online) DOI http://dx.doi.org/10.2197/ipsjjip.23.673 ------------------------------ |
|||||||||||
| 書誌レコードID | ||||||||||||
| 収録物識別子タイプ | NCID | |||||||||||
| 収録物識別子 | AN00116647 | |||||||||||
| 書誌情報 |
情報処理学会論文誌 巻 56, 号 9, 発行日 2015-09-15 |
|||||||||||
| ISSN | ||||||||||||
| 収録物識別子タイプ | ISSN | |||||||||||
| 収録物識別子 | 1882-7764 | |||||||||||
