Hypervisor Memory Introspection and Hypervisor Based Malware Honeypot

Zaidenberg, Nezer Jacob; Kiperberg, Michael; Yehuda, Raz Ben; Leon, Roee; Algawi, Asaf; Resh, Amit

doi:10.1007/978-3-030-49443-8_15

Cited by 2 publications

(2 citation statements)

References 30 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Thus, the infrastructure of Linux kernels would enhance the possibility for counterattacking the external or internal impregnation attempts at each entity at system level. • Hypervisor introspection: Hypervisor introspection [121] could be used at system level for detecting anomalous behavior.…”

Section: ) C6: 5g Core Networkmentioning

confidence: 99%

Survey on Multi-Access Edge Computing Security and Privacy

Ranaweera

Jurcut

Liyanage

2021

IEEE Commun. Surv. Tutorials

208

View full text Add to dashboard Cite

The European Telecommunications Standards Institute (ETSI) has introduced the paradigm of Multi-Access Edge Computing (MEC) to enable efficient and fast data processing in mobile networks. Among other technological requirements, security and privacy are significant factors in the realization of MEC deployments. In this paper, we analyse the security and privacy of the MEC system. We introduce a thorough investigation of the identification and the analysis of threat vectors in the ETSI standardized MEC architecture. Furthermore, we analyse the vulnerabilities leading to the identified threat vectors and propose potential security solutions to overcome these vulnerabilities. The privacy issues of MEC are also highlighted, and clear objectives for preserving privacy are defined. Finally, we present future directives to enhance the security and privacy of MEC services.

show abstract

Section: ) C6: 5g Core Networkmentioning

confidence: 99%

Survey on Multi-Access Edge Computing Security and Privacy

Ranaweera

Jurcut

Liyanage

2021

IEEE Commun. Surv. Tutorials

208

View full text Add to dashboard Cite

show abstract

“…In the past we have shown how hypervisors can be used to obtain memory contents (Ben Yehuda et al 2021) for forensics analysis and also create honeypots (Zaidenberg et al 2020) that encourage malware to expose themselves.…”

Section: Introductionmentioning

confidence: 99%

Hypervisor-assisted dynamic malware analysis

et al. 2021

Self Cite

View full text Add to dashboard Cite

Malware analysis is a task of utmost importance in cyber-security. Two approaches exist for malware analysis: static and dynamic. Modern malware uses an abundance of techniques to evade both dynamic and static analysis tools. Current dynamic analysis solutions either make modifications to the running malware or use a higher privilege component that does the actual analysis. The former can be easily detected by sophisticated malware while the latter often induces a significant performance overhead. We propose a method that performs malware analysis within the context of the OS itself. Furthermore, the analysis component is camouflaged by a hypervisor, which makes it completely transparent to the running OS and its applications. The evaluation of the system’s efficiency suggests that the induced performance overhead is negligible.

show abstract

Hypervisor Memory Introspection and Hypervisor Based Malware Honeypot

Cited by 2 publications

References 30 publications

Survey on Multi-Access Edge Computing Security and Privacy

Survey on Multi-Access Edge Computing Security and Privacy

Hypervisor-assisted dynamic malware analysis

Contact Info

Product

Resources

About