Attack Amelioration via Layered Temporal Virtualizaton ("Primer")

ABSTRACT: This project will investigate the feasibility of a computing appliance which uses Temporal Virtualization to help ameliorate the effects of malicious software activity. Temporal Virtualization involves the manipulation of virtual time in Type-2 (software) virtual clients in a way that frustrates an adversary"s attempts to corrupt or break out of virtualization. An attack model is assumed where the detection of malicious software in one client can be used to signal ahead to another that a"future"attack is pending. This allows the second client to respond against the attack before it (virtually) begins; demonstrating a prescience of malicious activity that ultimately frustrates attempts to disrupt or escape virtualization. When combined with nested virtualization layers and effective response policy, this becomes a superior approach for fighting through attacks while minimizing service loss. BENEFIT: This work addresses a very important part of fighting through the attack: how to respond. It augments the notion of nested virtualization with features that support the development of a nested response policy that minimize the effectiveness of an attack. The proposed approach is significant because virtual time manipulation will enhance the ability to react effectively when an attempt to break out of a virtual domain is detected.