Preventing Execution of Unauthorized Native-Code Software
Resh, A., Kiperberg, M., Leon, R., & Zaidenberg, N. J. (2017). Preventing Execution of Unauthorized Native-Code Software. International Journal of Digital Content Technology and its Applications, 11(3), 72-90. http://www.globalcis.org/jdcta/ppl/JDCTA3804PPL.pdf
Julkaistu sarjassa
International Journal of Digital Content Technology and its ApplicationsPäivämäärä
2017Tekijänoikeudet
© the Authors & Convergence Information Society, 2017. This is an open access article published by GlobalCIS.
The business world is exhibiting a growing dependency on computer systems, their operations and
the databases they contain. Unfortunately, it also suffers from an ever growing recurrence of malicious
software attacks. Malicious attack vectors are diverse and the computer-security industry is producing
an abundance of behavioral-pattern detections to combat the phenomenon. This paper proposes an
alternative approach, based on the implementation of an attested, and thus trusted, thin-hypervisor.
Secondary level address translation tables, governed and fully controlled by the hypervisor, are
configured in order to assure that only pre-whitelisted instructions can be executed in the system. This
methodology provides resistance to most APT attack vectors, including those based on zero-day
vulnerabilities that may slip under behavioral-pattern radars.
Julkaisija
Convergence Information Society (GlobalCIS)ISSN Hae Julkaisufoorumista
1975-9339
Alkuperäislähde
http://www.globalcis.org/jdcta/ppl/JDCTA3804PPL.pdfJulkaisu tutkimustietojärjestelmässä
https://converis.jyu.fi/converis/portal/detail/Publication/26510832
Metadata
Näytä kaikki kuvailutiedotKokoelmat
Samankaltainen aineisto
Näytetään aineistoja, joilla on samankaltainen nimeke tai asiasanat.
-
System for Executing Encrypted Native Programs
Resh, Amit; Kiperberg, Michael; Leon, Roee; Zaidenberg, Nezer (Convergence Information Society (GlobalCIS), 2017)An important aspect of protecting software from attack, theft of algorithms, or illegal software use, is eliminating the possibility of performing reverse engineering. One common method to deal with these issues is code ... -
Enforcing trust for execution-protection in modern environments
Resh, Amit (University of Jyväskylä, 2016)The business world is exhibiting a growing dependency on computer systems, their operations and the databases they contain. Unfortunately, it also suffers from an ever growing recurrence of malicious software attacks. ... -
Preventing reverse engineering of native and managed programs
Kiperberg, Michael (University of Jyväskylä, 2015)One of the important aspects of protecting software from attack, theft of algorithms, or illegal software use is eliminating the possibility of performing reverse engineering. One common method used to deal with these ... -
Hypervisor-Based White Listing of Executables
Leon, Roee S; Kiperberg, Michael; Zabag, Anat Anatey Leon; Resh, Amit; Algawi, Asaf; Zaidenberg, Nezer J. (IEEE Computer Society Press, 2019)We describe an efficient system for ensuring code integrity of an operating system (OS), both its own code and application code. The proposed system can protect from an attacker who has full control over the OS kernel. An ... -
Hypervisor-based Protection of Code
Kiperberg, Michael; Leon, Roee; Resh, Amit; Algawi, Asaf; Zaidenberg, Nezer J. (IEEE, 2019)The code of a compiled program is susceptible to reverse-engineering attacks on the algorithms and the business logic that are contained within the code. The main existing countermeasure to reverse-engineering is obfuscation. ...
Ellei toisin mainittu, julkisesti saatavilla olevia JYX-metatietoja (poislukien tiivistelmät) saa vapaasti uudelleenkäyttää CC0-lisenssillä.