CS Researchers Earn Best Paper Award
CS researchers received the Best Paper Award at the 11th International Symposium on Recent Advances in Intrusion Detection (RAID). PhD student Ryan Riley, Prof. Xuxian Jiang, and Prof. Dongyan Xu received the RAID'08 best paper award for their work entitled "Guest-Transparent Prevention of Kernel Rootkits with VMM-based Memory Shadowing." The RAID symposium was held September 15-17 at the Massachusetts Institutes of Technology. RAID is the premier conference on research in intrusion detection and response systems.
The paper is about NICKLE, a system the authors have developed to prevent rootkits from “hijacking” computers’ operating systems. A rootkit is a malicious program that seizes control of the very core of an operating system – the kernel – and further "installs" unauthorized software that will be difficult to find and remove. The rootkit allows other unauthorized access or behavior to occur – all hidden from the computer user and administrator. This is a tactic used in many cyber attacks, including botnets.
Ryan Riley is a PhD student under the direction of Jiang and Xu. His research focuses on operating system security. His current work addresses intrusion detection and prevention using virtualization.
Jiang received his PhD in Computer Science from Purdue University, and is currently an assistant professor at North Carolina State University. His research focuses on virtual machines (VMs) and security.
Xu is an Associate Professor of Computer Science and is affiliated with the Center for Education & Research in Information Assurance & Security (CERIAS). His current research focuses on the development of virtualization technologies for computer system security and for virtual distributed computing. He leads the Lab for Research in Emerging Network and Distributed Systems (FRIENDS).