Patterns in property specifications for finite-state verification
Proceedings of the 21st international conference on Software engineering
ACM Transactions on Information and System Security (TISSEC)
Protecting privacy using the decentralized label model
ACM Transactions on Software Engineering and Methodology (TOSEM)
IRM Enforcement of Java Stack Inspection
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
History-based Access-Control For Mobile Code
History-based Access-Control For Mobile Code
Forensic Discovery
Composing security policies with polymer
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Improving host security with system call policies
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Synthesizing fast intrusion prevention/detection systems from high-level specifications
SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Some ideas on virtualized system security, and monitors
DPM'10/SETOP'10 Proceedings of the 5th international Workshop on data privacy management, and 3rd international conference on Autonomous spontaneous security
Iterative enforcement by suppression: Towards practical enforcement theories
Journal of Computer Security - ARSPA-WITS'10
Hi-index | 0.00 |
Preventing malware from causing damage to its host system has become a topic of increasing importance over the past decade, as the frequency and impact of malware infections have continued to rise. Most existing approaches to malware defence cannot guarantee complete protection against the threats posed. Execution monitors can be used to defend against malware: they enable a target program's execution to be analysed and can prevent any deviation from its intended behaviour, recovering from such deviations where necessary. They are, however, difficult for the end-user to define or modify. This paper describes a high-level policy language in which users can express a priori judgments about program behavior, which are compiled into execution monitors. We show how this approach can defend against previously unseen malware and software vulnerability exploits.