Department of Informatics
نویسنده
چکیده
To approach the ever growing complexity of modern malware, security applications increasingly leverage virtualization technology to perform Virtual Machine Introspection (VMI). VMI constitutes techniques that allow the observation, analysis, and control of guest Virtual Machines (VMs) from the outside. This lends VMI-based applications an omniscient character gaining a complete and untainted view over the VM state. Apart from that, modern hardware-assisted virtualization technology allows transparent onthe-fly virtualization. This technique allows to migrate a live Operating System (OS) into a virtual environment on demand. This thesis consolidates VMI with on-the-fly virtualization. We elaborate the design and architecture of the WhiteRabbit VMI framework in form of a microkernel-based Virtual Machine Monitor (VMM). WhiteRabbit is designed to transparently virtualize a running OS on-the-fly for the purpose of forensic analysis. Towards this direction, our prototype employs Intel VT-x hardware virtualization extensions and is able to virtualize running Linux OSs. To harden potential exposure by malware, the design of WhiteRabbit considers anti-virtualization techniques and incorporates the hardware-assisted nested paging mechanism. After deployment, WhiteRabbit exposes VMI services towards remote applications. More precisely, WhiteRabbit extends the popular LibVMI interface and thus facilitates the use of custom and already existing LibVMI-based security applications from remote. In this way, WhiteRabbit represents an effective means for the purpose of forensic analysis that can be employed on demand.
منابع مشابه
Investigation and Comparison of Nursing Informatics Development Factors in Iran and Selected Countries: a Comparative Study
Introduction: Nursing informatics is effective on the optimal use of technology and health promotion. Using the experiences of successful countries in this field, can facilitate the improvement of nursing care quality. The purpose of this study is a comparison of nursing informatics development factors in Iran and leading countries. Method: The present study was conducted in a descriptive-compa...
متن کاملCode of Ethics of medical informatics in Asia and America
Nowadays, using Information and Communication Technology (ICT) in health care with the aim of creating tools for diagnosing and treating diseases has proposed a new debate on the code of ethics. The raised ethical issues are beyond privacy and security, and have been the most important sources of debate and ethical questions in these professions.
متن کاملCA ’ FOSCARI UNIVERSITY OF VENICE Department of Environmental Sciences , Informatics and Statistics Second Cycle Degree Programme in Computer Science
Department of Enviromental Sciences, Informatics and Statistics
متن کاملEvaluation and Ensembling of Methods for Reverse Engineering of Brain Connectivity from Imaging Data
1 Center for Health Informatics and Bioinformatics, New York University School of Medicine, New York, 2 Department of Public Health Sciences, Department of Oral Health Sciences, Biomedical Informatics Center, Medical University of South Carolina, South Carolina, 5 Department of Biostatistics, Vanderbilt University, Tennessee, 6 Institute for Health Informatics, University of Minnesota, Minnesot...
متن کاملDesigning Master Curriculum of Nursing Informatics in Iran
Introduction: In recent decades, nursing education is developing and expanding rapidly as a part of higher education system around the world. Despite tremendous advances in medical sciences in Iran, nursing informatics is still in its early years. Starting this field is necessary for nursing services. It can be used in educational, research, clinical and managerial issues. This study aimed at d...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2016