Synthesising monitors from high-level policies for the safe execution of untrusted software

Authors:
Andrew Brown;Mark Ryan
Affiliations:
School of Computer Science, University of Birmingham, Edgbaston, Birmingham, UK;School of Computer Science, University of Birmingham, Edgbaston, Birmingham, UK
Venue:
ISPEC'08 Proceedings of the 4th international conference on Information security practice and experience
Year:
2008

Citing 9
Cited 3

Patterns in property specifications for finite-state verification

Proceedings of the 21st international conference on Software engineering
Enforceable security policies

ACM Transactions on Information and System Security (TISSEC)
Protecting privacy using the decentralized label model

ACM Transactions on Software Engineering and Methodology (TOSEM)
IRM Enforcement of Java Stack Inspection

SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
History-based Access-Control For Mobile Code

History-based Access-Control For Mobile Code
Forensic Discovery

Forensic Discovery
Composing security policies with polymer

Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Improving host security with system call policies

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Synthesizing fast intrusion prevention/detection systems from high-level specifications

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8

Predictability of enforcement

ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Some ideas on virtualized system security, and monitors

DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
Iterative enforcement by suppression: Towards practical enforcement theories

Journal of Computer Security - ARSPA-WITS'10

Quantified Score

Hi-index	0.00

Visualization

Abstract

Preventing malware from causing damage to its host system has become a topic of increasing importance over the past decade, as the frequency and impact of malware infections have continued to rise. Most existing approaches to malware defence cannot guarantee complete protection against the threats posed. Execution monitors can be used to defend against malware: they enable a target program's execution to be analysed and can prevent any deviation from its intended behaviour, recovering from such deviations where necessary. They are, however, difficult for the end-user to define or modify. This paper describes a high-level policy language in which users can express a priori judgments about program behavior, which are compiled into execution monitors. We show how this approach can defend against previously unseen malware and software vulnerability exploits.