Abstract
Cyber-attacks vary greatly in their goals, methods, and complexity, but they all communicate with their operators. Existing methods that attempt to prevent unauthorized communication are either inadequate or are vulnerable to kernel-mode attacks. We demonstrate the viability of stealthy network transmission on various network interface cards, using only data-writes to physical pages. For some cards, a code-reuse attack is used to issue IO instructions. Finally, the paper describes a virtualization-based method that prevents unauthorized communication. The analysis of its impact on the network bandwidth and the overall system performance shows that the average performance degradation is 0.6% on an idle system and 1.7% with a 10 MB/s outgoing traffic. The bandwidth degrades by 15% on average.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
