Deterministic Detection for Hijacked Program Execution
Small Business Information
531 Esty Street, Ithaca, NY, -
AbstractWe propose technology to automatically detect software exploits that hijack the execution of a running Linux kernel or one of its hosted applications. The key enabling technology for the proposed work is provided by KATE, the Kernel Analysis and Translation Engine. KATE uses a combination of software dynamic translation and hardware virtualization to provide fine-grained, efficient monitoring of an entire system. We propose to use KATE to enforce execution invariants on a running system. Violations of the invariants will indicate that the system is under attack.
* information listed above is at the time of submission.