中国科学院机构知识库网格系统: HODetector: The Hidden Objects Detection Based on Static Semantic Information Library Outside Virtual Machine

HODetector: The Hidden Objects Detection Based on Static Semantic Information Library Outside Virtual Machine

文献类型：期刊论文


作者	Li, YongGang2,3 ; Cui, ChaoYuan3 ; Sun, BingYu3 ; Li, WenBo1
刊名	JOURNAL OF INTERNET TECHNOLOGY
出版日期	2018-09-01
卷号	19 期号:5 页码:1393-1400
关键词	Virtualization Fine-Grained detection Semantic gap Rootkit Hidden objects detection
ISSN号	1607-9264
DOI	10.3966/160792642018091905011
通讯作者	Cui, ChaoYuan(cycui@iim.ac.cn)
英文摘要	With the spread of malwares, the security of virtual machine (VM) is suffering severe challenges recent years. Rootkits and their variants can hide themselves and other kernel objects such as processes, files, and modules making malicious activity hard to be detected. The existed solutions are either coarse-grained, monitoring at virtual machine level, or non-universal, only supporting specific operating system with specific modification. In this paper, we propose a fine-grained approach called HODetector based on static semantic information library (SSIL) to detect the hidden objects outside VM. We have deployed HODetector prototype on Xen virtualization platform and used it to detect the processes, files, and modules hidden by rootkits. The experiment results show that HODetector is effective for different rootkits and general for Linux operating system with various kernels.
WOS关键词	ROOTKIT DETECTION ; INTROSPECTION ; LEVEL
资助项目	National Nature Science Foundation of China[31371340] ; National Key Technology RD Program[2014BAD10B08] ; National Key Technologies Research and Development Program of China[2016YFB0502604]
WOS研究方向	Computer Science ; Telecommunications
语种	英语
WOS记录号	WOS:000447131100011
出版者	LIBRARY & INFORMATION CENTER, NAT DONG HWA UNIV
资助机构	National Nature Science Foundation of China ; National Nature Science Foundation of China ; National Nature Science Foundation of China ; National Nature Science Foundation of China ; National Key Technology RD Program ; National Key Technology RD Program ; National Key Technology RD Program ; National Key Technology RD Program ; National Key Technologies Research and Development Program of China ; National Key Technologies Research and Development Program of China ; National Key Technologies Research and Development Program of China ; National Key Technologies Research and Development Program of China ; National Nature Science Foundation of China ; National Nature Science Foundation of China ; National Nature Science Foundation of China ; National Nature Science Foundation of China ; National Key Technology RD Program ; National Key Technology RD Program ; National Key Technology RD Program ; National Key Technology RD Program ; National Key Technologies Research and Development Program of China ; National Key Technologies Research and Development Program of China ; National Key Technologies Research and Development Program of China ; National Key Technologies Research and Development Program of China ; National Nature Science Foundation of China ; National Nature Science Foundation of China ; National Nature Science Foundation of China ; National Nature Science Foundation of China ; National Key Technology RD Program ; National Key Technology RD Program ; National Key Technology RD Program ; National Key Technology RD Program ; National Key Technologies Research and Development Program of China ; National Key Technologies Research and Development Program of China ; National Key Technologies Research and Development Program of China ; National Key Technologies Research and Development Program of China ; National Nature Science Foundation of China ; National Nature Science Foundation of China ; National Nature Science Foundation of China ; National Nature Science Foundation of China ; National Key Technology RD Program ; National Key Technology RD Program ; National Key Technology RD Program ; National Key Technology RD Program ; National Key Technologies Research and Development Program of China ; National Key Technologies Research and Development Program of China ; National Key Technologies Research and Development Program of China ; National Key Technologies Research and Development Program of China
源URL	[http://ir.hfcas.ac.cn:8080/handle/334002/39357]
专题	合肥物质科学研究院_中科院合肥智能机械研究所
通讯作者	Cui, ChaoYuan
作者单位	1.Chinese Acad Sci, Inst Technol Innovat, Beijing, Peoples R China 2.Univ Sci & Technol China, Sch Informat Sci & Technol, Hefei, Anhui, Peoples R China 3.Chinese Acad Sci, Inst Intelligent Machine, Beijing, Peoples R China
推荐引用方式 GB/T 7714	Li, YongGang,Cui, ChaoYuan,Sun, BingYu,et al. HODetector: The Hidden Objects Detection Based on Static Semantic Information Library Outside Virtual Machine[J]. JOURNAL OF INTERNET TECHNOLOGY,2018,19(5):1393-1400.
APA	Li, YongGang,Cui, ChaoYuan,Sun, BingYu,&Li, WenBo.(2018).HODetector: The Hidden Objects Detection Based on Static Semantic Information Library Outside Virtual Machine.JOURNAL OF INTERNET TECHNOLOGY,19(5),1393-1400.
MLA	Li, YongGang,et al."HODetector: The Hidden Objects Detection Based on Static Semantic Information Library Outside Virtual Machine".JOURNAL OF INTERNET TECHNOLOGY 19.5(2018):1393-1400.

入库方式： OAI收割

来源：合肥物质科学研究院

下载0

HODetector: The Hidden Objects Detection Based on Static Semantic Information Library Outside Virtual Machine

其他版本