General-purpose computing devices, such as personal computers (PCs), and the operating systems that run on them provide more functionality and capabilities than most users will ever want or need. Too much of the burden of keeping these computer systems secure is placed on the end users. Users are often required to keep the operating system, applications, security software, and anti-virus definitions up-to-date. Even with the latest security updates, users are still susceptible to the newest exploits. When a system does become compromised, the process of then restoring it to a usable state can frequently result in the loss of personal data stored on the system. Personal data can often only be recovered through repeated effort and in some cases can never be recovered. Malicious software (malware) is not the only source of problems on a computer system. Software bugs and conflicting software packages can also cause system instability as well as data corruption.
In this dissertation, we present a unique desktop system architecture solution to the pervasive problem of recovering from malware attacks. We demonstrate our architecture with an open source implementation of our Rapid Recovery Desktop system that provides resistance against attack and rapid recovery from broken system state and malware infestation. Our system combines a file server virtual machine (FS-VM), a network virtual machine (NET-VM), a virtual machine contract system, and a virtualization security framework (OSCKAR) to isolate, provide access control, and limit the privileges of applications. We measured the system's performance overhead and evaluated the security and recovery benefits.
|School Location:||United States -- New York|
|Source:||DAI-B 71/11, Dissertation Abstracts International|
|Subjects:||Engineering, Computer science|
|Keywords:||Attack-resistant desktop, Malware, Open sources, Rapid recovery desktop, Security|
Copyright in each Dissertation and Thesis is retained by the author. All Rights Reserved
The supplemental file or files you are about to download were provided to ProQuest by the author as part of a
dissertation or thesis. The supplemental files are provided "AS IS" without warranty. ProQuest is not responsible for the
content, format or impact on the supplemental file(s) on our system. in some cases, the file type may be unknown or
may be a .exe file. We recommend caution as you open such files.
Copyright of the original materials contained in the supplemental file is retained by the author and your access to the
supplemental files is subject to the ProQuest Terms and Conditions of use.
Depending on the size of the file(s) you are downloading, the system may take some time to download them. Please be