We are living in a world where technology is improving day by day. New inventions create more room for malware and other internet intruders. Even with antivirus and other advanced tools, there is always some chance that hackers, viruses, or other intruders will compromise the security of your device. Attackers are advanced enough to create undetectable malware and gain high economic value from it, because this undetectable malware can be used multiple times. Even a good antivirus cannot detect this malware, because it is built so that it never becomes part of attack reporting, and the user of the device never gets any alert about the data theft. Many virtual machines run seamlessly on the cloud of your Microsoft device, but until now there was no way to scan them for malware.
Virtual machines are software versions of computers that run in a cloud; they replicate a computer running an operating system such as Linux or Windows. Several of them can also run on a single piece of hardware simultaneously. As a result, clouds now run these virtual machines concurrently, which is not good news for system administrators, who do not want to compromise on security. System administrators therefore have to make sure that none of these virtual machines runs malware on your device.
Some cloud management tools address the problem by scanning the virtual machines for malware, but they need supporting software running on each virtual machine to work properly. Such scanning tools can take a lot of time, and they also alert the malware that something is trying to detect it. In such cases, the malware tends to terminate itself and hide from the detection tools.
Thus, the Microsoft Research team has developed a new system called Project Freta that scans for malware in the cloud. Project Freta is a free service that detects evidence of operating system and sensor sabotage in memory snapshots of live Linux systems. Project Freta begins a roadmap towards trusted sensing for the cloud that can allow enterprises to engage in regular and complete discovery of this undetected malware. The Microsoft Research developers have separated the security plane from the computing plane so that the system can scan a large number of virtual machines (VMs) without alerting them.
Project Freta stays hidden: it inspects the virtual machine's memory without running anything on the machine, so that nothing on the virtual machine is alerted and hides itself. Project Freta then enumerates all the system objects that the VM holds, based on a memory snapshot of the live Linux or Windows system. It also looks for processes, kernel modules, networks, in-memory files, and other things on the system. The system can then detect rootkits and advanced malware, which leads to the processing of VMC, and it fingerprints the operating system from the memory image.
This system is available for testing on Azure accounts. Microsoft is currently withholding access to some additional functionality that enables the system to copy memory from live virtual machines for offline analysis. This will allow users to scan more than 10,000 virtual machines at a time. Soon, these features will be available to all users.
Jackson Henry. I’m a writer living in USA. I am a fan of technology, arts, and reading. I’m also interested in writing and education.
Source: Malware Scanner by Microsoft