Title :
Towards a Flexible Virtualization-Based Architecture for Malware Detection and Analysis
Author :
Vlad, Marius ; Reiser, Hans P.
Author_Institution :
Inst. of IT-Security & Security Law, Univ. of Passau, Passau, Germany
Abstract :
The complexity and sophistication of malicious attacks against IT systems have steadily increased over the past decades. Tools used to detect and analyse such attacks need to evolve continuously as well in order to cope with such attacks. In this paper, we identify some limitations of existing approaches and propose a novel architecture for an attack detection and analysis framework. This architecture is based on virtualization technology to execute target systems, supports a broad spectrum of low-level tracing modules and sophisticated, extensible virtual-machine introspection mechanisms, combined with an extensible plug-in interface for specialized detection and analysis mechanisms, and it offers support for deployment in cloud infrastructures.
Keywords :
cloud computing; invasive software; virtual machines; virtualisation; IT systems; analysis mechanisms; cloud infrastructures; extensible plug-in interface; flexible virtualization-based architecture; low-level tracing modules; malicious attacks; malware analysis; malware detection; specialized detection mechanisms; virtual-machine introspection mechanisms; virtualization technology; Computer architecture; Computers; Hardware; Malware; Virtual machining; Virtualization; Intrusion Detection; Malware Analysis; attack detection; plug-in architecture;
Conference_Title :
Database and Expert Systems Applications (DEXA), 2014 25th International Workshop on
Conference_Location :
Munich
Print_ISBN :
978-1-4799-5721-7
DOI :
10.1109/DEXA.2014.67