TY - GEN
T1 - Using virtual machines to do cross-layer damage assessment
AU - Jia, Xiaoqi
AU - Zhang, Shengzhi
AU - Jing, Jiwu
AU - Liu, Peng
PY - 2008
Y1 - 2008
N2 - In this paper, we present an approach that uses virtual machines to do "out-of-the-box" cross-layer damage assessment, an indispensable part of security/risk management. To resolve the con ict between fine-grained damage assessment and the response time requirements of service requests, we present a new production environment damage assessment architecture. We have implemented a major portion of the architecture and done preliminary evaluation. Contribu- tions of our system include combining instruction and OS level taint tracking, and efficient "what-if" damage assess- ment methods.
AB - In this paper, we present an approach that uses virtual machines to do "out-of-the-box" cross-layer damage assessment, an indispensable part of security/risk management. To resolve the con ict between fine-grained damage assessment and the response time requirements of service requests, we present a new production environment damage assessment architecture. We have implemented a major portion of the architecture and done preliminary evaluation. Contribu- tions of our system include combining instruction and OS level taint tracking, and efficient "what-if" damage assess- ment methods.
UR - http://www.scopus.com/inward/record.url?scp=70349248606&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=70349248606&partnerID=8YFLogxK
U2 - 10.1145/1456482.1456487
DO - 10.1145/1456482.1456487
M3 - Conference contribution
AN - SCOPUS:70349248606
SN - 9781605582986
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 29
EP - 38
BT - Proceedings of the 1st ACM Workshop on Virtual Machine Security, VMSec'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08
T2 - 1st ACM Workshop on Virtual Machine Security, VMSec'08, Co-located with the 15th ACM Computer and Communications Security Conference, CCS'08
Y2 - 27 October 2008 through 31 October 2008
ER -