Lionel Litty

Learn More
Hypervisors have been proposed as a security tool to defend against malware that subverts the OS kernel. However, hypervisors must deal with the semantic gap between the low-level information available to them and the high-level OS abstractions they need for analysis. To bridge this gap, systems have proposed making assumptions derived from the kernel(More)
In current commodity systems, applications have no way of limiting their trust in the underlying operating system (OS), leaving them at the complete mercy of an attacker who gains control over the OS. In this work, we describe the design and implementation of Proxos, a system that allows applications to configure their trust in the OS by partitioning the(More)
Unbeknownst to many computer users, their machines are running malware. Others are aware that strange software inhabits their machine, but cannot get rid of it. In this paper, we present <i>Manitou</i>, a system that provides users with the ability to assign, track and revoke execution privileges for code, regardless of the integrity and type of operating(More)
Hypervisor-based Intrusion Detection Lionel Litty Master of Science Graduate Department of Computer Science University of Toronto 2005 Unauthorized access by intruders to computer systems is a pervasive and seemingly worsening problem. This research explores the implementation of the Intrusion Sensing and Introspection System (ISIS). ISIS is an Intrusion(More)
We evaluate the robustness of simplified mobility and radio propagation models for indoor MANET simulations. A robust simplification allows researchers to extrapolate simulation results and reach reliable conclusions about the expected performance of protocols in real life. We show that common simplified mobility and radio propagation models are not robust.(More)
Cloud computing environments allow customers to execute arbitrary code on hardware owned by a cloud provider. While cloud providers use virtualization to ensure isolation between customers, they face additional security challenges. Malicious customers may leverage the provider’s hardware to launch attacks, either from VMs they own or by compromising VMs(More)
A basic requirement of a secure computer system is that it be up to date with regard to software security patches. Unfortunately, Infrastructure as a Service (IaaS) clouds make this difficult. They leverage virtualization, which provides functionality that causes traditional security patch update systems to fail. In addition, the diversity of operating(More)
We show that simple radio propagation and node mobility models widely used in MANET evaluation are not robust in indoor environments. Robust simulation models let researchers extrapolate simulation results and reach reliable conclusions about expected protocol performance. We experiment with two representative MANET routing protocols under different(More)