|
About:
ReVirt is part of the CoVirt project, which investigated on the use of virtual machines to provide security in an operating-system-independent manner to enable the security system to function independently from the guest operating system. ReVirt logs enough information to replay the entire intrusive sequence instruction-by-instruction so that a detailed observation on the attack can be documented. It includes a system called BackTracker that helps system administrators understand (and thereby recover from) an intrusion, by automatically identifying potential sequences of steps that occurred in an intrusion. Starting with a single detection point (e.g., a suspicious file), BackTracker identifies files and processes that could have affected that detection point and displays chains of events in a dependency graph.
Author:
Prof. Peter M. Chen <pmchen (at) umich (dot) edu>
[contact developer]
Homepage:
http://www.eecs.umich.edu/CoVirt/
Trove categories:
[change]
Dependencies:
[change]
No dependencies filed
|
|
» Rating:
(not rated)
» Vitality: 0.00% (Rank 25520)
» Popularity: 0.13% (Rank 31360)
 
(click to enlarge graphs)
Record hits: 2,519
URL hits: 694
Subscribers: 1
|
|
