Security News > 2021 > May > This ambitious Microsoft project aims to fix cloud computing security

Microsoft Research's Project Freta aims to find invisible malware running on the cloud.

Attackers have invested in smarter malware that can get around traditional security tooling, hiding underneath the operating system in memory, masking tell-tale signatures, and even deleting itself as soon as it detects security systems in action.

A Microsoft research project, Project Freta, aims to change that, providing tools to identify malware running on virtual machines in the cloud.

There's a fundamental problem in how we look for malware: much of what we use is designed to work in a pre-virtualisation world, and recent research has shown that it's possible for malware to detect whether it's being monitored by hypervisor security tools that are working outside the virtual machine.

There's another reason why using the cloud is essential, as modern memory protection techniques randomise memory usage and copying to decode memory quickly could alert malware that it is being attacked, so analysis requires significant compute resources to unscramble and decode memory using brute-force techniques.

It's an interesting tool that gives a feel for the type of data Project Freta can get from an image, with an indicator of possible hidden malware for further analysis.

News URL

https://www.techrepublic.com/article/this-ambitious-microsoft-project-aims-to-fix-cloud-computing-security/#ftag=RSS56d97e7