A format-independent architecture for run-time integrity checking of executable code

Authors:
Luigi Catuogno;Ivan Visconti
Affiliations:
Dipartimento di Informatica ed Applicazioni, Università di Salerno, Baronissi, SA, Italy;Dipartimento di Informatica ed Applicazioni, Università di Salerno, Baronissi, SA, Italy
Venue:
SCN'02 Proceedings of the 3rd international conference on Security in communication networks
Year:
2002

Citing 7
Cited 4

The design and implementation of tripwire: a file system integrity checker

CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Cryptography: Theory and Practice

Cryptography: Theory and Practice
Personal Secure Booting

ACISP '01 Proceedings of the 6th Australasian Conference on Information Security and Privacy
A secure and reliable bootstrap architecture

SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Detecting and countering system intrusions using software wrappers

SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
The BSD packet filter: a new architecture for user-level packet capture

USENIX'93 Proceedings of the USENIX Winter 1993 Conference Proceedings on USENIX Winter 1993 Conference Proceedings
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7

Is a bot at the controls?: Detecting input data attacks

Proceedings of the 6th ACM SIGCOMM workshop on Network and system support for games
Proxy smart card systems

WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
SmartK: Smart cards in operating systems at kernel level

Information Security Tech. Report
Reliable accounting in grids

International Journal of High Performance Computing and Networking

Quantified Score

Hi-index	0.00

Visualization

Abstract

A robust architecture against network intrusions plays a main role for information security and service reliability. An intruder that obtains an unauthorized access to a remote system could read restricted information or hide this access for future and eventually more dangerous actions. Temporary intrusions can become permanent (i.e., resistant to reboots) if malicious code is installed in a system not adequately protected. In this paper we propose an infrastructure for the run-time integrity checking of executable code. Our approach is general as the specification of our infrastructure includes support for every file format. Moreover we also present our implementation that supports run-time integrity checking for ELF and shell script files. Experimental results show that our solution is a practical and effective protection for workstations connected to the Internet offering services to local and remote users.