Detection of malware and kernel-level rootkits in cloud computing environments

Thu Yein Win, Huaglory Tianfield, Quentin Mair

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    Cyberattacks targeted at virtualization infrastructure underlying cloud computing services has become increasingly sophisticated. This paper presents a novel malware and rookit detection system which protects the guests against different attacks. It combines system call monitoring and system call hashing on the guest kernel together with Support Vector Machines (SVM)-based external monitoring on the host. We demonstrate the effectiveness of our solution by evaluating it against well-known user-level malware as well as kernel-level rootkit attacks.
    Original languageEnglish
    Title of host publication2015 IEEE 2nd International Conference on Cyber Security and Cloud Computing
    PublisherIEEE
    Pages295-300
    Number of pages6
    ISBN (Print)978146739297
    DOIs
    Publication statusPublished - 3 Nov 2015

    Keywords

    • virtualization security
    • cloud security
    • malware detection
    • rootkit detection
    • support vector machine
    • virtual machine introspection

    Fingerprint Dive into the research topics of 'Detection of malware and kernel-level rootkits in cloud computing environments'. Together they form a unique fingerprint.

    Cite this