Show simple item record

dc.contributor.authorAlmohri, Hussain M. J.en_US
dc.contributor.authorYao, Danfeng (Daphne)en_US
dc.contributor.authorKafura, Dennis G.en_US
dc.date.accessioned2013-06-19T14:36:56Z
dc.date.available2013-06-19T14:36:56Z
dc.date.issued2011
dc.identifierhttp://eprints.cs.vt.edu/archive/00001169/en_US
dc.identifier.urihttp://hdl.handle.net/10919/19408
dc.descriptionThe work described in this paper investigates the problem of identifying and deterring stealthy malicious processes on a host. We point out the lack of strong application iden- tication in main stream operating systems. We solve the application identication problem by proposing a novel iden- tication model in which user-level applications are required to present identication proofs at run time to be authenti- cated by the kernel using an embedded secret key. The se- cret key of an application is registered with a trusted kernel using a key registrar and is used to uniquely authenticate and authorize the application. We present a protocol for secure authentication of applications. Additionally, we de- velop a system call monitoring architecture that uses our model to verify the identity of applications when making critical system calls. Our system call monitoring can be integrated with existing policy specication frameworks to enforce application-level access rights. We implement and evaluate a prototype of our monitoring architecture in Linux as device drivers with nearly no modication of the ker- nel. The results from our extensive performance evaluation shows that our prototype incurs low overhead, indicating the feasibility of our model.en_US
dc.format.mimetypeapplication/pdfen_US
dc.publisherDepartment of Computer Science, Virginia Polytechnic Institute & State Universityen_US
dc.subjectParallel computationen_US
dc.titleIdentifying Native Applications with High Assuranceen_US
dc.typeTechnical reporten_US
dc.identifier.trnumberTR-11-20en_US
dc.type.dcmitypeTexten_US
dc.identifier.sourceurlhttp://eprints.cs.vt.edu/archive/00001169/01/codaspy12.pdf


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record