English
Related papers

Related papers: Detect Kernel-Mode Rootkits via Real Time Logging …

200 papers

One of the main issues in the OS security is to provide trusted code execution in an untrusted environment. During executing, kernel-mode drivers allocate and process memory data: OS internal structures, users private information, and…

Cryptography and Security · Computer Science 2018-12-27 Igor Korkin

Windows OS is facing a huge rise in kernel attacks. An overview of popular techniques that result in loading kernel drivers will be presented. One of the key targets of modern threats is disabling and blinding Microsoft Defender, a default…

Cryptography and Security · Computer Science 2022-10-07 Denis Pogonin , Igor Korkin

Existing anti-malware software and reverse engineering toolkits struggle with stealthy sub-OS rootkits due to limitations of run-time kernel-level monitoring. A malicious kernel-level driver can bypass OS-level anti-virus mechanisms easily.…

Windows OS kernel memory is one of the main targets of cyber-attacks. By launching such attacks, hackers are succeeding in process privilege escalation and tampering with users data by accessing kernel mode memory. This paper considers a…

Cryptography and Security · Computer Science 2019-05-31 Igor Korkin

Malware and cheat developers use fileless execution techniques to evade traditional, signature-based security products. These methods include various types of manual mapping, module stomping, and threadless injection which work entirely…

Cryptography and Security · Computer Science 2025-08-07 Arjun Juneja

The security of a computer system depends on OS kernel protection. It is crucial to reveal and inspect new attacks on kernel data, as these are used by hackers. The purpose of this paper is to continue research into attacks on dynamically…

Cryptography and Security · Computer Science 2021-06-14 Igor Korkin

Almost all modern hardware, from phone SoCs to high-end servers with accelerators, contain memory translation and protection hardware like IOMMUs, firewalls, and lookup tables which make it impossible to reason about, and enforce protection…

Operating Systems · Computer Science 2020-09-08 Reto Achermann , Nora Hossle , Lukas Humbel , Daniel Schwyn , David Cock , Timothy Roscoe

Effectively protecting the Windows OS is a challenging task, since most implementation details are not publicly known. Windows has always been the main target of malwares that have exploited numerous bugs and vulnerabilities. Recent trusted…

Operating Systems · Computer Science 2017-06-07 Roberto di Pietro , Federico Franzoni , Flavio Lombardi

One of the main issues in the OS security is providing trusted code execution in an untrusted environment. During executing, kernel-mode drivers dynamically allocate memory to store and process their data: Windows core kernel structures,…

Cryptography and Security · Computer Science 2018-05-31 Igor Korkin

Since modern anti-virus software mainly depends on a signature-based static analysis, they are not suitable for coping with the rapid increase in malware variants. Moreover, even worse, many vulnerabilities of operating systems enable…

Cryptography and Security · Computer Science 2022-11-28 Manabu Hirano , Ryotaro Kobayashi

Monitoring kernel object modification of virtual machine is widely used by virtual-machine-introspection-based security monitors to protect virtual machines in cloud computing, such as monitoring dentry objects to intercept file operations,…

Cryptography and Security · Computer Science 2019-02-15 Dongyang Zhan , Huhua Li , Lin Ye , Hongli Zhang , Binxing Fang , Xiaojiang Du

The development process of microcontroller firmware often involves multiple parties. In such a scenario, the Intellectual Property (IP) is not protected against adversarial developers which have unrestricted access to the firmware binary.…

Cryptography and Security · Computer Science 2019-09-13 Marc Schink , Johannes Obermaier

Intel's Software Guard Extensions (SGX) introduced new instructions to switch the processor to enclave mode which protects it from introspection. While the enclave mode strongly protects the memory and the state of the processor, it cannot…

Cryptography and Security · Computer Science 2020-07-17 Tobias Cloosters , Michael Rodler , Lucas Davi

Memory protection units (MPUs) are hardware-assisted security features that are commonly used in embedded processors such as the ARM 940T, Infineon TC1775, and Xilinx Zynq. MPUs partition the memory statically, and set individual protection…

Cryptography and Security · Computer Science 2024-05-24 Bharadwaj Madabhushi , Chandra Sekhar Mummidi , Sandip Kundu , Daniel Holcomb

Malicious software is abundant in a world of innumerable computer users, who are constantly faced with these threats from various sources like the internet, local networks and portable drives. Malware is potentially low to high risk and can…

Cryptography and Security · Computer Science 2012-05-15 Priyank Singhal , Nataasha Raul

Machine learning based malware detection techniques rely on grayscale images of malware and tends to classify malware based on the distribution of textures in graycale images. Albeit the advancement and promising results shown by machine…

Cryptography and Security · Computer Science 2022-08-05 Sanket Shukla

Memory-safety violations are a prevalent cause of both reliability and security vulnerabilities in systems software written in unsafe languages like C/C++. Unfortunately, all the existing software-based solutions to this problem exhibit…

Cryptography and Security · Computer Science 2017-06-19 Oleksii Oleksenko , Dmitrii Kuvaiskii , Pramod Bhatotia , Pascal Felber , Christof Fetzer

The current pandemic situation has increased cyber-attacks drastically worldwide. The attackers are using malware like trojans, spyware, rootkits, worms, ransomware heavily. Ransomware is the most notorious malware, yet we did not have any…

Cryptography and Security · Computer Science 2022-06-07 Nanda Rani , Sunita Vikrant Dhavale

In modern computer systems, user processes are isolated from each other by the operating system and the hardware. Additionally, in a cloud scenario it is crucial that the hypervisor isolates tenants from other tenants that are co-located on…

Cryptography and Security · Computer Science 2019-05-23 Michael Schwarz , Samuel Weiser , Daniel Gruss , Clémentine Maurice , Stefan Mangard

Intel memory protection keys (MPK) is a new hardware feature to support thread-local permission control on groups of pages without requiring modification of page tables. Unfortunately, its current hardware implementation and software…

Cryptography and Security · Computer Science 2018-11-20 Soyeon Park , Sangho Lee , Wen Xu , Hyungon Moon , Taesoo Kim
‹ Prev 1 2 3 10 Next ›