In this paper, we address the problem of system monitoring and fault detection using a classification-based approach. The main aim is to follow online evolutions which can occur on the diagnosed system in the course of time. In data classification, the functioning modes are represented with a set of similar patterns called classes. These classes change their intrinsic characteristics and they are likely...
System call interposition is a powerful method for regulating and monitoring program behavior. A wide variety of security tools have been developed which use this technique. However, traditional system call interposition techniques are vulnerable to kernel attacks and have some limitations on effectiveness and transparency. In this paper, we propose a novel approach named VSyscall, which leverages...
A cloud computing provider can dynamically allocate virtual machines (VM) based on the needs of the customers, while maintaining the privileged access to the Management Virtual Machine that directly manages the hardware and supports the guest VMs. The customers must trust the cloud providers to protect the confidentiality and integrity of their applications and data. However, as the VMs from different...
Monitoring virtual machine (VM) is an essential function for virtualized platforms. Existing solutions are either coarse-grained - monitoring in granularity of VM level, or not general - only support specific monitoring functions for particular guest operating system (OS). Thus they do not satisfy the monitoring requirement in large-scale server cluster such as data center and public cloud platform,...
The recent increase in complexity and functionality in embedded systems makes them more vulnerable to rootkit-type attacks, raising the need for integrity management systems. However, as of today there is no such system that can guarantee the system's safety while matching the low-resource, real-time and multi-core requirements of embedded systems. In this paper, we present a Virtual Machine Monitor...
Execution tracing is one of the key techniques for analyzing and validating the operation of embedded products. After reviewing several approaches to the runtime behavior analysis of embedded systems, we present the experience gained in developing a range of high-bandwidth communications devices combining multiple wireless and wired link technologies. In particular, all cases studies are based on...
With the development of virtualization technology, file protection in virtual machine, especially in guest OS, becomes more and more important. Traditional host-based file protection system resides the critical modules in monitored system, which is easily explored and destroyed by malwares. Moreover, in order to protect the multiple operation systems running on the same platform, it is necessary to...
Current commodity operating systems allow a privileged user to run some programs in kernel mode by installing a kernel module or a device driver, but there isn't an available method to verify the reliability of these programs. As a result, malware leverages this way to corrupt system services, defeat anti-malware and even get control of the whole system. It makes operating-system-based security...
This paper introduced a monitoring architecture that is highly scalable and suitable for practical use in distributed environments. We also introduced two applications as illustrative embodiments of our concept and monitoring system. For better scalability and practicality, we are planning further developments on both monitoring system itself and applications.
In view of the analysis of hostility and working principle of the malicious software and their actions, based on the kernel driver, this paper designs a real-time inspection system framework and solution of malicious software and actions. This system applies shared memory, Windows message mechanism, I/O driver technology and others, implements information synchronization and data communications in...
The kernel objects consist of critical kernel data structures and system call functions, which are the most important data for a system, should be protected as first-class candidates. In this paper, a lightweight system-level detection and recovery infrastructure is presented for embedded systems. Inside the infrastructure, specific runtime protections have been implemented for different kernel objects,...
As the complexity of modern Operating Systems (OS) increases, testing key OS components such as device drivers (DD) becomes increasingly complex given the multitude of possible DD interactions. If representative operational activity profiles of DDs within an OS could be obtained, these could significantly improve the understanding of the actual operational DD state space towards guiding the test efforts...
The popularity of large scale systems such as Blue Gene has extended their reach beyond HPC into the realm of commercial computing. There is a desire in both communities to broaden the scope of these machines from tightly-coupled scientific applications running on MPI frameworks to more general-purpose workloads. Our approach deals with issues of scale by leveraging the huge number of nodes to distribute...
Effective reconfigurable hardware (RH) allocation plays a critical role in multi-tasking systems. Past RH scheduling research has focused on how to allocate RH based on the area and performance of competing hardware kernels. However, these approaches generally assume that the metrics associated with those hardware kernels are pre-determined. However, design-time estimates may not always be accurate...