Projects / ReVirt

ReVirt

ReVirt is part of the CoVirt project, which investigated on the use of virtual machines to provide security in an operating-system-independent manner to enable the security system to function independently from the guest operating system. ReVirt logs enough information to replay the entire intrusive sequence instruction-by-instruction so that a detailed observation on the attack can be documented. It includes a system called BackTracker that helps system administrators understand (and thereby recover from) an intrusion, by automatically identifying potential sequences of steps that occurred in an intrusion. Starting with a single detection point (e.g., a suspicious file), BackTracker identifies files and processes that could have affected that detection point and displays chains of events in a dependency graph.

Tags
Licenses
Operating Systems

RSS Recent releases

No changes have been submitted for this release.

Screenshot

Project Spotlight

gjots

A note jotter that organizes ideas, notes, and facts in a heirarchy.

Screenshot

Project Spotlight

Task Coach

A friendly task manager.