ICST Transactions on Security and Safety
 2019
DOI: 10.4108/eai.8-4-2019.157417
|View full text |Cite
|
Sign up to set email alerts
|

HProve: A Hypervisor Level Provenance System to Reconstruct Attack Story Caused by Kernel Malware

Chonghua Wang1,
Libo Yin2,
Jun Li3
et al.

Abstract: Provenance of system subjects (e.g., processes) and objects (e.g., files) are very useful for many forensics tasks. In our analysis and comparison of existing Linux provenance tracing systems, we found that most systems assume the Linux kernel to be in the trust base, making these systems vulnerable to kernel level malware. To address this problem, we present HProve, a hypervisor level provenance tracing system to reconstruct kernel malware attack story. It monitors the execution of kernel functions and sensit… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...

Citation Types

0
0
0

Year Published

2022
2022
2022
2022

Publication Types

Select...
1

Relationship

0
1

Authors

Journals

citations
Cited by 1 publication
references
References 21 publications
0
0
0
Order By: Relevance
scite logo

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Product
Browser ExtensionAssistant by sciteCitation Statement SearchReference CheckVisualizationsDashboardsExplore JournalsExplore OrganizationsExplore FundersEmbedding BadgeEmbedding Citation SearchPricing
Resources
BlogHelp & FAQAccessibility StatementAPI TermsFor Universities & GovernmentsFor ResearchersFor PublishersFor Corporate, Pharma & EnterpriseAuthor MarketingBecome an AffiliateGet an organization trial or quotescite Data & Services
About
News & PressCareersRead our PaperCoverage

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

BlogTerms and ConditionsAPI TermsPrivacy PolicyContactCookie PreferencesDo Not Sell or Share My Personal Information

Copyright © 2024 scite LLC. All rights reserved.

Made with 💙 for researchers

Part of the Research Solutions Family.