Preventing Execution of Unauthorized Native-Code Software
Resh, A., Kiperberg, M., Leon, R., & Zaidenberg, N. J. (2017). Preventing Execution of Unauthorized Native-Code Software. International Journal of Digital Content Technology and its Applications, 11(3), 72-90. http://www.globalcis.org/jdcta/ppl/JDCTA3804PPL.pdf
© the Authors & Convergence Information Society, 2017. This is an open access article published by GlobalCIS.
The business world is exhibiting a growing dependency on computer systems, their operations and the databases they contain. Unfortunately, it also suffers from an ever growing recurrence of malicious software attacks. Malicious attack vectors are diverse and the computer-security industry is producing an abundance of behavioral-pattern detections to combat the phenomenon. This paper proposes an alternative approach, based on the implementation of an attested, and thus trusted, thin-hypervisor. Secondary level address translation tables, governed and fully controlled by the hypervisor, are configured in order to assure that only pre-whitelisted instructions can be executed in the system. This methodology provides resistance to most APT attack vectors, including those based on zero-day vulnerabilities that may slip under behavioral-pattern radars.
PublisherConvergence Information Society (GlobalCIS)
ISSN Search the Publication Forum1975-9339
Publication in research information system
MetadataShow full item record
Showing items with similar title or keywords.
Enforcing trust for execution-protection in modern environments Resh, Amit (University of Jyväskylä, 2016)The business world is exhibiting a growing dependency on computer systems, their operations and the databases they contain. Unfortunately, it also suffers from an ever growing recurrence of malicious software attacks. ...
Preventing reverse engineering of native and managed programs Kiperberg, Michael (University of Jyväskylä, 2015)One of the important aspects of protecting software from attack, theft of algorithms, or illegal software use is eliminating the possibility of performing reverse engineering. One common method used to deal with these ...
System for Executing Encrypted Native Programs Resh, Amit; Kiperberg, Michael; Leon, Roee; Zaidenberg, Nezer (Convergence Information Society (GlobalCIS), 2017)An important aspect of protecting software from attack, theft of algorithms, or illegal software use, is eliminating the possibility of performing reverse engineering. One common method to deal with these issues is code ...
H-KPP : Hypervisor-Assisted Kernel Patch Protection Kiperberg, Michael; Zaidenberg, Nezer Jacob (MDPI AG, 2022)We present H-KPP, hypervisor-based protection for kernel code and data structures. H-KPP prevents the execution of unauthorized code in kernel mode. In addition, H-KPP protects certain object fields from malicious ...
Hypervisor-based Protection of Code Kiperberg, Michael; Leon, Roee; Resh, Amit; Algawi, Asaf; Zaidenberg, Nezer J. (IEEE, 2019)The code of a compiled program is susceptible to reverse-engineering attacks on the algorithms and the business logic that are contained within the code. The main existing countermeasure to reverse-engineering is obfuscation. ...