By Topic

Malware Detection and Kernel Rootkit Prevention in Cloud Computing Environments

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

5 Author(s)
Matthias Schmidt ; Dept. of Math. & Comput. Sci., Univ. of Marburg, Marburg, Germany ; Lars Baumgartner ; Pablo Graubner ; David Bock
more authors

The commercial success of Cloud Computing and recent developments in Grid Computing have brought platform virtualization technology into the field of high performance computing. Virtualization offers both more flexibility and security through custom user images and user isolation. In this paper, we present an approach for combined malware detection and kernel root kit prevention in virtualized Cloud Computing environments. All running binaries in a virtual instance are intercepted and submitted to one or more analysis engines. Besides a complete check against a signature database, live introspection of all system calls is performed to detect yet unknown exploits or malware. Furthermore, to prevent that an intruder retains persistent control over a running instance after a successful compromise, an in-kernel root kit prevention approach is proposed. Only authorized and thus trusted kernel modules are allowed to be loaded during runtime, loading of unauthorized modules is no longer possible. Finally, the performance of the presented solutions is evaluated.

Published in:

2011 19th International Euromicro Conference on Parallel, Distributed and Network-Based Processing

Date of Conference:

9-11 Feb. 2011