EEL: machine-independent executable editing
PLDI '95 Proceedings of the ACM SIGPLAN 1995 conference on Programming language design and implementation
Intrusion Detection Using Variable-Length Audit Trail Patterns
RAID '00 Proceedings of the Third International Workshop on Recent Advances in Intrusion Detection
Detecting Manipulated Remote Call Streams
Proceedings of the 11th USENIX Security Symposium
A secure and reliable bootstrap architecture
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Intrusion Detection via Static Analysis
SP '01 Proceedings of the 2001 IEEE Symposium on Security and Privacy
BIND: A Fine-Grained Attestation Service for Secure Distributed Systems
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Pin: building customized program analysis tools with dynamic instrumentation
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
PRIMA: policy-reduced integrity measurement architecture
Proceedings of the eleventh ACM symposium on Access control models and technologies
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Intrusion detection using sequences of system calls
Journal of Computer Security
A sense of self for Unix processes
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
A fast static analysis approach to detect exploit code inside network flows
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
A new trusted roaming protocol in wireless mesh networks
International Journal of Sensor Networks
| Hi-index | 0.00 |
The trust of an entity is based on its behavior's trust in trusted computing technology, and software's trust can be measured dynamically by its behavior when it is executing. However, conducting dynamic measurement is a big challenge. Defining and building software's behavior is the basic work of measuring software trust. A behavior-based dynamic measurement model for an execution program is provided, which applies the method of describing program behavior by control flow graph to dynamic trust measurement. The model first measures the program before it is loaded, then generates the expected behavior model of the program according to static analysis. Then, the model monitors the program's execution in real time by verifying the flow branches of the program with the expected behavior model. Finally, the paper analyzes the security of this model and indicates that this model is able to protect against some codeinjection attacks which can't be handled by the traditional static measurement method.