Linux Journal
ACM Transactions on Information and System Security (TISSEC)
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Integrating Flexible Support for Security Policies into the Linux Operating System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Safe Virtual Execution Using Software Dynamic Translation
ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Model-carrying code: a practical approach for safe execution of untrusted applications
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Isolated Program Execution: An Application Transparent Approach for Executing Untrusted Programs
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
An Approach for Secure Software Installation
LISA '02 Proceedings of the 16th USENIX conference on System administration
Nix: A Safe and Policy-Free System for Software Deployment
LISA '04 Proceedings of the 18th USENIX conference on System administration
Solaris Zones: Operating System Support for Consolidating Commercial Workloads
LISA '04 Proceedings of the 18th USENIX conference on System administration
A feather-weight virtual machine for windows applications
Proceedings of the 2nd international conference on Virtual execution environments
Back to the Future: A Framework for Automatic Malware Removal and System Repair
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
MAPbox: using parameterized behavior classes to confine untrusted applications
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Improving host security with system call policies
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Usable Mandatory Integrity Protection for Operating Systems
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
A domain and type enforcement UNIX prototype
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
A user-mode port of the linux kernel
ALS'00 Proceedings of the 4th annual Linux Showcase & Conference - Volume 4
Practical Proactive Integrity Preservation: A Basis for Malware Defense
SP '08 Proceedings of the 2008 IEEE Symposium on Security and Privacy
A control point for reducing root abuse of file-system privileges
Proceedings of the 17th ACM conference on Computer and communications security
Combining Discretionary Policy with Mandatory Information Flow in Operating Systems
ACM Transactions on Information and System Security (TISSEC)
A portable user-level approach for system-wide integrity protection
Proceedings of the 29th Annual Computer Security Applications Conference
| Hi-index | 0.00 |
Software installation provides an attractive entry vector for malware: since installations are performed with administrator privileges, malware can easily get the enhanced level of access needed to install backdoors, spyware, rootkits, or "bot" software, and to hide these installations from users. Previous research has been focused mainly on securing the execution phase of untrusted software, while largely ignoring the safety of installations. Even security-enhanced operating systems such as SELinux and Vista don't usually impose restrictions during software installs, expecting the system administrator to "know what she is doing." This paper addresses this "gap in armor" by securing software installations. Our technique can support a diversity of package managers and software installers. It is based on a framework that simplifies the development and enforcement of policies that govern safety of installations. We present a simple policy that can be used to prevent untrusted software from modifying any of the files used by benign software packages, thus blocking the most common mechanism used by malware to ensure that it is run automatically after each system reboot. While the scope of our technique is limited to the installation phase, it can be easily combined with approaches for secure execution, e.g., by ensuring that all future runs of an untrusted package will take place within an administrator-specified sandbox. Our experimental evaluation has considered over one hundred benign and untrusted software packages. Our technique was able to block malicious packages among these without breaking non-malicious ones.