Hidden Process Detection System Based on Hardware-Assisted Virtualization
Hidden process detection is an important problem in information security. Based on hardware-assisted virtualization, the system proposed in this paper monitors the guest operating system (Guest OS) from the Virtual Machine Monitor (VMM), which runs at the highest privilege level. It implements detection, creation monitoring and termination of hidden processes, including malicious rootkit processes in the kernel. Compared with popular process detection tools that use hook functions or rely on undocumented data structures, the optimized system does not depend on any hook function and does not destroy any OS data structure, making it much more efficient and better at detecting hidden processes.