Rixner, Scott

2021-12-06
2021-12
2021-12-02
December 2

Ding, Chenkai. "Evaluate Namespace as a Labeling System for Malware Detection." (2021) Master’s Thesis, Rice University. https://hdl.handle.net/1911/111748.

Nowadays, kernel tracing tools are built on limited Linux features. In this thesis, we explore a new method to help improve kernel tracing. We modified Memorizer, a novel kernel tracing tool that offers comprehensive coverage of kernel accesses, and combined it with the Linux Namespace system. As an original compartment feature in Linux, namespaces give us a chance to describe kernel accesses and exploit behaviors from a different perspective. Experiments showed that our modified Memorizer can provide novel insights about how the kernel works between modules and containers. Moreover, we proposed a series of analysis methods that allow us to extract a small and unique profile for a certain exploit, which could contribute to developing security identifying software in the future.

application/pdf
eng

Copyright is held by the author, unless otherwise indicated. Permission to reuse, publish, or reproduce the work beyond the bounds of fair use or other exemptions to copyright law must be obtained from the copyright holder.

Linux; Namespace; Container; Security; Malware detection

Evaluate Namespace as a Labeling System for Malware Detection

Thesis