Computer Science, 2016, Vol. 43, Issue Z6: 348-352. doi: 10.11896/j.issn.1002-137X.2016.6A.083


Research on Rootkit Detection System Architecture Based on Functional Separation in Virtualized Environment

ZHU Zhi-qiang, ZHAO Zhi-yuan, SUN Lei and YANG Jie   

Online: 2018-11-14   Published: 2018-11-14

Abstract: Rootkit detection in existing virtualized environments suffers from two problems: the detector is easy to evade, and it imposes a large performance overhead. To address these, this paper proposes XenMatrix, a rootkit detection system architecture based on functional separation in a virtualized environment, which improves the security of the detection system itself while preserving its transparency. A strategy for adaptively adjusting the detection frequency is also proposed; it adjusts the rootkit scanning frequency dynamically and effectively reduces the system's overhead. Analysis of the experimental results shows that the prototype can effectively detect both known and unknown rootkits, and that it achieves a higher detection success rate and a lower performance overhead than existing detection techniques.
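The adaptive-frequency idea in the abstract, worked through as a small simulation. This is an added illustration, not XenMatrix's own code or policy: the page does not give the paper's adjustment rule, so the multiplicative back-off, the interval bounds, and the timeline of rootkit installs below are all assumptions chosen to show the overhead-versus-latency trade-off that such a strategy makes.

```python
"""Adaptive scan scheduling for an out-of-guest rootkit detector.

Illustrative model only (not XenMatrix's own policy): the monitor scans the
guest, backs off multiplicatively while scans come back clean, and snaps
back to the tightest cadence as soon as a scan reports something suspicious.
"""
from dataclasses import dataclass, field
from typing import Callable, List, Tuple


@dataclass
class AdaptiveScheduler:
    """Assumed policy: clean scan -> interval *= backoff (capped at max);
    suspicious scan -> interval = min_interval."""
    min_interval: float = 1.0    # seconds; tightest cadence
    max_interval: float = 64.0   # seconds; loosest cadence
    backoff: float = 2.0         # growth factor per clean scan
    interval: float = field(init=False)

    def __post_init__(self) -> None:
        self.interval = self.min_interval

    def next_interval(self, suspicious: bool) -> float:
        if suspicious:
            self.interval = self.min_interval
        else:
            self.interval = min(self.max_interval, self.interval * self.backoff)
        return self.interval


@dataclass
class FixedScheduler:
    """Baseline: scan every `period` seconds regardless of results."""
    period: float

    def next_interval(self, suspicious: bool) -> float:
        return self.period


def simulate(make_scheduler: Callable[[], object],
             install_times: List[float],
             horizon: float) -> Tuple[int, List[float]]:
    """Replay a timeline of rootkit installs against a scan schedule.

    Returns (number of scans performed up to `horizon`,
             detection latency in seconds for each rootkit, in install order).
    """
    sched = make_scheduler()
    pending = sorted(install_times)
    latencies: List[float] = []
    scans = 0
    t = 0.0
    while t <= horizon:
        scans += 1
        hit = False
        # A scan at time t sees every rootkit installed at or before t.
        while pending and pending[0] <= t:
            latencies.append(t - pending.pop(0))
            hit = True
        t += sched.next_interval(hit)
    return scans, latencies


# Constructed timeline (assumption): two rootkit installs in a 600 s window.
INSTALL_TIMES = [100.0, 400.0]
HORIZON = 600.0


def compare() -> dict:
    """Adaptive schedule versus two fixed-period baselines on the same timeline."""
    return {
        "adaptive": simulate(AdaptiveScheduler, INSTALL_TIMES, HORIZON),
        "fixed_1s": simulate(lambda: FixedScheduler(1.0), INSTALL_TIMES, HORIZON),
        "fixed_64s": simulate(lambda: FixedScheduler(64.0), INSTALL_TIMES, HORIZON),
    }


if __name__ == "__main__":
    for name, (scans, latency) in compare().items():
        print(f"{name:10s} scans={scans:4d} detection latency (s)={latency}")
```

On the constructed timeline the adaptive schedule performs 24 scans against 601 for the 1 s baseline, at the cost of tens of seconds of detection latency for each install; the 64 s baseline is cheaper still but never regains the tight cadence after a hit. The knobs a practitioner would tune are the bounds and the back-off factor, which set exactly how much latency is traded for reduced scanning overhead.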

Key words: Virtualization, Functional separation, Rootkit, Self-adaptation

