
Practical information flow based techniques to safeguard host integrity.


Abstract

Security threats have escalated rapidly over the past few years. Malware, zero-day attacks and rootkits are now common terms heard in the media, drawing attention from large enterprises and regular computer users alike. What makes it worse is that cyber crime has become financially lucrative, leading to the formation of organizations that specialize in the development and trading of malware. As a result, computer attacks have become more sophisticated and more stealthy, and can evade most of today's defenses.

Current defensive approaches such as code analysis and behavior blocking can be either difficult to use or evaded by indirect attacks. In contrast, techniques based on information-flow blocking can provide assurances about system integrity even in the face of sophisticated attacks. However, there has not been much success in applying information flow based techniques to modern COTS operating systems with satisfactory results in terms of security, usability, and scope. This is, in part, because a strict application of an information flow policy can break existing applications. Another important factor is the difficulty of policy development. We therefore develop two approaches in an effort to address these issues.

SEE (Safe Execution Environment) is suitable for running stand-alone untrusted applications in a secure way. It employs one-way isolation: processes running within the SEE are given read access to the environment provided by the host OS, but their write operations are prevented from escaping outside the SEE. As a result, SEE processes cannot impact the behavior of host OS processes or the integrity of data on the host OS. The SEE provides a convenient way for users to inspect system changes made within it. If the user does not accept these changes, they can be rolled back at the click of a button. Otherwise, the changes can be "committed" so as to become visible outside the SEE. We provide consistency criteria that ensure semantic consistency of the committed results. Our implementation results show that most software, including fairly complex server and client applications, can run successfully within the SEE. The approach introduces low performance overheads, typically below 10%.

The second approach, PPI (Practical Proactive Integrity Preservation), aims at providing integrity guarantees at the whole-system level. It focuses on proactive integrity protection by decoupling integrity labels from the low-level policies that specify how to resolve accesses causing information flows that may compromise integrity. Therefore, a richer set of security levels and more flexible policy choices can be specified to promote usability. We then develop an analysis technique that can largely automate the generation of integrity labels and policies that preserve the usability of applications in most cases. The evaluation of our implementation on Linux desktop distributions indicates that it can stop a variety of sophisticated malware attacks while remaining usable.

Bibliographic record

  • Author: Sun, Weiqing
  • Author affiliation: State University of New York at Stony Brook
  • Degree-granting institution: State University of New York at Stony Brook
  • Subject: Computer Science
  • Degree: Ph.D.
  • Year: 2008
  • Pages: 112 p.
  • Total pages: 112
  • Original format: PDF
  • Language: eng
