| 000 | 03439cam a2200337 a 4500 | ||
|---|---|---|---|
| 003 | EG-GiCUC | ||
| 005 | 20250223031527.0 | ||
| 008 | 160703s2016 ua f m 000 0 eng d | ||
| 040 |
_aEG-GiCUC _beng _cEG-GiCUC |
||
| 041 | 0 | _aeng | |
| 049 | _aDeposite | ||
| 097 | _aPh.D | ||
| 099 | _aCai01.18.02.Ph.D.2016.Om.N | ||
| 100 | 0 | _aOmar Hussein Sayed Mohamed | |
| 245 | 1 | 2 |
_aA Novel approach for countering information leakage based on virtualization / _cOmar Hussein Sayed Mohamed ; Supervised Hesham Ahmed Hefny , Nermin Hamza Abdelghafar |
| 246 | 1 | 5 | _aنهج جديد لمواجهة تسريب المعلومات اعتمادا على الافتراضية |
| 260 |
_aCairo : _bOmar Hussein Sayed Mohamed , _c2016 |
||
| 300 |
_a175 Leaves ; _c30cm |
||
| 502 | _aThesis (Ph.D.) - Cairo University - Institute of Statistical Studies and Research- Department of Computer and Information Science | ||
| 520 | _aIn traditional computer architecture, operating systems (OSs) are responsible for managing systems resources, handling processes requests to access the resources, and maintaining data privacy through process isolation. However, this architecture broadens the attack surface to include the whole software stack. This thesis exploits machine virtualization to provide substantially stronger information security guarantees against information leakage attacks than that traditionally offered by physical (non-virtualized) computer systems. System administration-related advantages of machine virtualization are viewed as valuable security-related advantages that are exploited to reduce systems{u2019} exposure to security threats. This thesis presents four contributions. Firstly, a novel OS-independent information security approach called Virtualized Anti-Information Leakage (VAIL) to address information leakage attacks by malicious software and insiders, even after decryption of sensitive files using untrusted machines. The idea is based on combining machine virtualization with cryptography and system call monitoring to achieve the intended objective. Secondly, a novel approach called VAIL Disordered-Bitstring Provider (VDBP) to generate pseudo-random bitstrings. It is one of VAIL modules. It is essential to support VAIL{u2019}s cryptography-related operations, and salt user-supplied passwords. Thirdly, a novel approach called VAIL System Call Monitor (VSCM) to detect and thwart previously unknown code injection attacks. It is one of VAIL modules. It intercepts and verifies CreateProcess() system call invocations from a monitored process. In case an unknown executable is detected in the first parameter of a call, this indicates its maliciousness. In response, VSCM encrypts that parameter value to render the call invalid, thereby thwarting adversaries{u2019} attacks by preventing the OS from loading and executing the new malicious child process. Fourthly, a novel covert channel that is specific to virtual machine monitors (VMMs); it is called VMM memory reclamation-based covert storage channel | ||
| 530 | _aIssued also as CD | ||
| 653 | 4 | _aCountering information leakage | |
| 653 | 4 | _aOperating systems (OSs) | |
| 653 | 4 | _aVirtualization | |
| 700 | 0 |
_aHesham Ahmed Hefny , _eSupervisor |
|
| 700 | 0 |
_aNermin Hamza Abdelghafar , _eSupervisor |
|
| 856 | _uhttp://172.23.153.220/th.pdf | ||
| 905 |
_aAml _eCataloger |
||
| 905 |
_aNazla _eRevisor |
||
| 942 |
_2ddc _cTH |
||
| 999 |
_c57083 _d57083 |
||