Crimeware Swindling Without Virtual Machines
In previous work, the authors introduced a bait-injection system designed to delude and detect crimeware by forcing it to reveal itself during the exploitation of captured information. Although effective as a technique, the original system was practically limited, as it was implemented in a personal VM environment. In this paper, the authors investigate how to extend the system by applying it to personal workstation environments. Adapting the system to such a different environment reveals a number of challenging issues, such as scalability, portability, and choice of physical communication means. The authors provide implementation details and evaluate the effectiveness of the new architecture.