Hypervisor-based sensitive data leakage detector

Shu Hao Chang, Sanoop Mallissery, Chih Hao Hsieh, Yu-Sung Wu

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Sensitive Data Leakage (SDL) is a major issue faced by organizations due to increasing reliance on data-driven decision-making. Existing Data Leakage Prevention (DLP) solutions are being challenged by the adoption of network transport encryption and the presence of privileged-mode malware designed to tamper with the DLP agent programs. We propose a novel DLP system called "HyperSweep" that uses Virtual Machine Memory Introspection (VMI) technology to inspect the memory content of a guest system for sensitive information. The approach is robust against both network transport encryption and malware that attack DLP agent programs. The HyperSweep prototype is implemented on top of the KVM hypervisor. Our experiments have confirmed its applicability to real-world applications, including web browsers, office applications, and social networking applications. The experiments also indicate moderate performance overhead from applying HyperSweep.

Original languageEnglish
Title of host publicationProceedings - 2018 IEEE 18th International Conference on Software Quality, Reliability, and Security, QRS 2018
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages155-162
Number of pages8
ISBN (Print)9781538677575
DOIs
StatePublished - 2 Aug 2018
Event18th IEEE International Conference on Software Quality, Reliability, and Security, QRS 2018 - Lisbon, Portugal
Duration: 16 Jul 201820 Jul 2018

Publication series

NameProceedings - 2018 IEEE 18th International Conference on Software Quality, Reliability, and Security, QRS 2018

Conference

Conference18th IEEE International Conference on Software Quality, Reliability, and Security, QRS 2018
CountryPortugal
CityLisbon
Period16/07/1820/07/18

Keywords

  • Data security
  • Hypervisor
  • Virtual machine introspection
  • Virtualization

Fingerprint Dive into the research topics of 'Hypervisor-based sensitive data leakage detector'. Together they form a unique fingerprint.

Cite this