Learn More
For decades, researchers have pointed out that Mandatory Access Control (MAC) is an effective method to protect computer systems from being misused. Unfortunately, MAC is still not widely deployed because of its complexity. The problem is even worse in a virtual machine environment, because the current architecture is not designed to support MAC in a(More)
This paper presents Xenprobes, a lightweight framework to probe the guest kernels of Xen Virtual Machine. Xen-probes is useful for various purposes such as as monitoring real-time status of production systems, analyzing performance bottlenecks, logging specific events or tracing problems of Xen-based guest kernel. Compared to other kernel probe solutions,(More)
Current OSes include many logical sharing techniques (shared library, symbolic link, etc.) on memory and storage. Unfortunately they cause security and management problems which come from the dynamic management of logical sharing; e.g., search path replacement attack, GOT (Global Offset Table) overwrite attack, Dependency Hell, etc. This paper proposes that(More)
File-system integrity tools (FIT) are commonly deployed host-based intrusion detections (HIDS) tool to detect unauthorized file-system changes. While FIT are widely used, this kind of HIDS has many drawbacks: the intrusion detection is not done in real-time manner, which might render the whole scheme useless if the attacker can somehow take over the system(More)
OS Circular is a framework for Internet Disk Image Distribution of software for virtual machines , those which offer a ''virtualized'' common PC environment on any PC. OS images are obtained via the stackable virtual disk ''Trusted HTTP-FUSE CLOOP''. The system is designed to utilize Mirror servers and Proxies for highly-scalable worldwide deployment. OS(More)
  • 1