Jyväskylän yliopisto | JYX-julkaisuarkisto

 
Näytä aineisto 

Hypervisor-assisted Atomic Memory Acquisition in Modern Systems

ThumbnailFinal Draft
138.1 Kb

Lataukset:  
Show download detailsHide download details  
Kiperberg, M., Leon, R., Resh, A., Algawi, A., & Zaidenberg, N. (2019). Hypervisor-assisted Atomic Memory Acquisition in Modern Systems. In P. Mori, S. Furnell, & O. Camp (Eds.), ICISSP 2019 : Proceedings of the 5th International Conference on Information Systems Security and Privacy, Volume 1 (pp. 155-162). SCITEPRESS Science And Technology Publications. https://doi.org/10.5220/0007566101550162
Tekijät
Kiperberg, Michael |
Leon, Roee |
Resh, Amit |
Algawi, Asaf |
Zaidenberg, Nezer
Toimittajat
Mori, Paolo |
Furnell, Steven |
Camp, Olivier
Päivämäärä
2019
Oppiaine
TietotekniikkaMathematical Information Technology
Tekijänoikeudet
© 5th International Conference on Information Systems Security and Privacy by SCITEPRESS

 
Reliable memory acquisition is essential to forensic analysis of a cyber-crime. Various methods of memory acquisition have been proposed, ranging from tools based on a dedicated hardware to software only solutions. Recently, a hypervisor-based method for memory acquisition was proposed (Qi et al., 2017; Martignoni et al., 2010). This method obtains a reliable (atomic) memory image of a running system. The method achieves this by making all memory pages non-writable until they are copied to the memory image, thus preventing uncontrolled modification of these pages. Unfortunately, the proposed method has two deficiencies: (1) the method does not support multiprocessing and (2) the method does not support modern operating systems featuring address space layout randomization (ASLR). We describe a hypervisor-based memory acquisition method that solves the two aforementioned deficiencies. We analyze the memory usage and performance of the proposed method.
Julkaisija
SCITEPRESS Science And Technology Publications
Emojulkaisun ISBN
978-989-758-359-9
Konferenssi
International Conference on Information Systems Security and Privacy
Kuuluu julkaisuun
ICISSP 2019 : Proceedings of the 5th International Conference on Information Systems Security and Privacy, Volume 1
Asiasanat
DOI
https://doi.org/10.5220/0007566101550162
URI

http://urn.fi/URN:NBN:fi:jyu-201907243671

Julkaisu tutkimustietojärjestelmässä

https://converis.jyu.fi/converis/portal/detail/Publication/30725172

Metadata
Näytä kaikki kuvailutiedot
Kokoelmat
Lisenssi
In Copyright
Ellei muuten mainita, aineiston lisenssi on In Copyright
Tietosuojailmoitus

Saavutettavuusseloste

Ellei toisin mainittu, julkisesti saatavilla olevia JYX-metatietoja (poislukien tiivistelmät) saa vapaasti uudelleenkäyttää CC0-lisenssillä.