Paper Info
Title
Hiding File Manipulation of Essential Services by System Call Proxy.
Abstract
Security software or logging programs are frequently attacked because they are an obstruction to attackers. Protecting these essential services from attack is crucial to preventing and mitigating damage. Hiding information related to essential services, such as that of the files and processes, can help to deter attacks on these services. This paper proposes a method of hiding file manipulation for essential services. The method makes the files invisible to all services except their corresponding essential services and provides access methods to those files in a virtual machine (VM) environment. In the proposed method, system calls to those files are executed by a proxy process on the other VM. The original system call is not executed in the operating system of the original VM, however, the result of file access is returned to the original process. Thus, the files of essential services are placed on the other VM and other processes on the original VM cannot access to them. Therefore, the proposed method can prevent or deter identification of essential services based on file information monitoring.
Year
DOI
Venue
2018
10.1007/978-3-319-98530-5_76
ADVANCES IN NETWORK-BASED INFORMATION SYSTEMS, NBIS-2018
Keywords
Field
DocType
Security,Virtual machine,File access
Proxy (climate),Virtual machine,Access method,Computer science,Computer network,System call,Security software,Information monitoring
Conference
Volume
ISSN
Citations 
22
2367-4512
0
PageRank 
References 
Authors
0.34
11
3
Name
Order
Citations
PageRank
Masaya Sato166.56
Hideo Taniguchi25230.01
Toshihiro Yamauchi3179.39