For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
A Virtualization-Based Approach for Application Whitelisting
Donghai TIAN Jingfeng XUE Changzhen HU Xuanya LI
IEICE TRANSACTIONS on Information and Systems
Publication Date: 2014/06/01
Online ISSN: 1745-1361
Type of Manuscript: LETTER
Category: Software System
whitelisting, virtualization technology,
Full Text: PDF(375.7KB)>>
A whitelisting approach is a promising solution to prevent unwanted processes (e.g., malware) getting executed. However, previous solutions suffer from limitations in that: 1) Most methods place the whitelist information in the kernel space, which could be tempered by attackers; 2) Most methods cannot prevent the execution of kernel processes. In this paper, we present VAW, a novel application whitelisting system by using the virtualization technology. Our system is able to block the execution of unauthorized user and kernel processes. Compared with the previous solutions, our approach can achieve stronger security guarantees. The experiments show that VAW can deny the execution of unwanted processes effectively with a little performance overhead.