
Disk Damage Range Estimation Mechanism

A Storage-Layer Security Attack Damage Estimation Mechanism

Advisor: 吳育松

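Abstract


Behavior matching detects malware with a high detection rate. However, while behavior is being observed, the malware continues to damage the system. Estimating the damage it has caused, once it has been identified as malware, can therefore help administrators repair the system. In a paravirtualized environment, we design a damage range estimation mechanism that estimates the damage caused by malware by recording the file paths and disk sector locations written by programs in the virtual machine. We modify xen-blkback to intercept the sector locations of disk writes and modify the Xen hypervisor to intercept system calls, then merge the I/O information from both to estimate the damage range.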

Keywords

disk, damage, estimation

Parallel Abstract


Behavior matching is a malware detection method with a high detection rate. However, while behaviors are being matched, the malware continues to cause damage. Estimating the area damaged by the detected malware can therefore help administrators repair the damage. In a paravirtualized environment, we design a storage-layer damage estimation mechanism that estimates the damage caused by malware using disk I/O information from the guest VM. We modify xen-blkback to intercept raw disk I/O information and the Xen hypervisor to intercept system calls, and we combine the raw disk information with the system call information to estimate the damaged area.

Parallel Keywords

storage disk damage estimate
