Deterministic Detection for Hijacked Program Execution
We propose technology to automatically detect software exploits that hijack the execution of a running Linux kernel or one of its hosted applications. The key enabling technology for the proposed work is provided by KATE, the Kernel Analysis and Translation Engine. KATE uses a combination of software dynamic translation and hardware virtualization to provide fine-grained, efficient monitoring of an entire system. We propose to use KATE to enforce execution invariants on a running system. Violations of the invariants will indicate that the system is under attack.
Small Business Information at Submission:
531 Esty Street Ithaca, NY -
Number of Employees: