Simple and Practical Integrity Models for Binaries and Files

Abstract : Software environments typically depend on implicit sharing of binaries where binaries are created, loaded/executed and updated dynamically which we call the binary lifecycle. Windows is one example where many attacks exploit vulnerabilities in the binary lifecycle of software. In this paper, we propose a family of binary integrity models with a simple and easy to use trust model, to help protect against such attacks. We implement a prototype in Windows which protects against a variety of common binary attacks. Our models are easy to use while maintaining existing software compatibility, i.e. work with the implicit binary lifecycle requirements of the software and assumptions on binary sharing. We also propose a conservative extension to protect critical non-binary files.
Type de document :
Communication dans un congrès
Christian Damsgaard Jensen; Stephen Marsh; Theo Dimitrakos; Yuko Murayama. 9th IFIP International Conference on Trust Management (TM), May 2015, Hamburg, Germany. IFIP Advances in Information and Communication Technology, AICT-454, pp.30-46, 2015, Trust Management IX. 〈10.1007/978-3-319-18491-3_3〉
Liste complète des métadonnées

Littérature citée [9 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01416206
Contributeur : Hal Ifip <>
Soumis le : mercredi 14 décembre 2016 - 11:03:51
Dernière modification le : mercredi 14 décembre 2016 - 11:15:46
Document(s) archivé(s) le : mercredi 15 mars 2017 - 13:27:35

Fichier

337890_1_En_3_Chapter.pdf
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Yongzheng Wu, Roland Yap. Simple and Practical Integrity Models for Binaries and Files. Christian Damsgaard Jensen; Stephen Marsh; Theo Dimitrakos; Yuko Murayama. 9th IFIP International Conference on Trust Management (TM), May 2015, Hamburg, Germany. IFIP Advances in Information and Communication Technology, AICT-454, pp.30-46, 2015, Trust Management IX. 〈10.1007/978-3-319-18491-3_3〉. 〈hal-01416206〉

Partager

Métriques

Consultations de la notice

25

Téléchargements de fichiers

1