Crimeware Swindling without Virtual Machines
In previous work, we introduced a bait-injection system designed to delude and detect crimeware by forcing it to reveal itself during the exploitation of captured information. Although effective as a technique, our original system was practically limited, as it was implemented in a personal VM environment. In this paper, we investigate how to extend our system by applying it to personal workstation environments. Adapting our system to such a different environment reveals a number of challenging issues, such as scalability, portability, and choice of physical communication means. We provide implementation details and we evaluate the effectiveness of our new architecture.
- botswindler-noVM.pdf application/pdf 279 KB Download File
Also Published In
- Information Security: 13th International Conference, ISC 2010: Boca Raton, FL, USA, October 25-28, 2010: Revised Selected Papers