Projects / ReVirt

ReVirt

ReVirt is part of the CoVirt project, which investigated on the use of virtual machines to provide security in an operating-system-independent manner to enable the security system to function independently from the guest operating system. ReVirt logs enough information to replay the entire intrusive sequence instruction-by-instruction so that a detailed observation on the attack can be documented. It includes a system called BackTracker that helps system administrators understand (and thereby recover from) an intrusion, by automatically identifying potential sequences of steps that occurred in an intrusion. Starting with a single detection point (e.g., a suspicious file), BackTracker identifies files and processes that could have affected that detection point and displays chains of events in a dependency graph.

Tags
Licenses
Operating Systems

Recent releases

  •  08 Jun 2003 04:15

    No changes have been submitted for this release.

    Screenshot

    Project Spotlight

    OpenStack4j

    A Fluent OpenStack client API for Java.

    Screenshot

    Project Spotlight

    TurnKey TWiki Appliance

    A TWiki appliance that is easy to use and lightweight.