Computer
iContract - The Java(tm) Design by Contract(tm) Tool
TOOLS '98 Proceedings of the Technology of Object-Oriented Languages and Systems
Java-MaC: A Run-Time Assurance Approach for Java Programs
Formal Methods in System Design
Basic Concepts and Taxonomy of Dependable and Secure Computing
IEEE Transactions on Dependable and Secure Computing
A Taxonomy and Catalog of Runtime Software-Fault Monitoring Tools
IEEE Transactions on Software Engineering
PRIMA: policy-reduced integrity measurement architecture
Proceedings of the eleventh ACM symposium on Access control models and technologies
Inference and enforcement of data structure consistency specifications
Proceedings of the 2006 international symposium on Software testing and analysis
The DaCapo benchmarks: java benchmarking development and analysis
Proceedings of the 21st annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications
Copilot - a coprocessor-based kernel runtime integrity monitor
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Semantic remote attestation: a virtual machine directed approach to trusted computing
VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Mop: an efficient and generic runtime verification framework
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Linux kernel integrity measurement using contextual inspection
Proceedings of the 2007 ACM workshop on Scalable trusted computing
Automated detection of persistent kernel control-flow attacks
Proceedings of the 14th ACM conference on Computer and communications security
DySy: dynamic symbolic execution for invariant inference
Proceedings of the 30th international conference on Software engineering
Efficient runtime invariant checking: a framework and case study
WODA '08 Proceedings of the 2008 international workshop on dynamic analysis: held in conjunction with the ACM SIGSOFT International Symposium on Software Testing and Analysis (ISSTA 2008)
Improving coherency of runtime integrity measurement
Proceedings of the 3rd ACM workshop on Scalable trusted computing
Automatic Inference and Enforcement of Kernel Data Structure Invariants
ACSAC '08 Proceedings of the 2008 Annual Computer Security Applications Conference
Attestation: Evidence and Trust
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
Koko: engineering affective applications
Proceedings of The 8th International Conference on Autonomous Agents and Multiagent Systems - Volume 2
Automatically patching errors in deployed software
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Mapping kernel objects to enable systematic integrity checking
Proceedings of the 16th ACM conference on Computer and communications security
Runtime checking for program verification
RV'07 Proceedings of the 7th international conference on Runtime verification
Bootstrapping Trust in Commodity Computers
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Java-MOP: a monitoring oriented programming environment for java
TACAS'05 Proceedings of the 11th international conference on Tools and Algorithms for the Construction and Analysis of Systems
FATES'06/RV'06 Proceedings of the First combined international conference on Formal Approaches to Software Testing and Runtime Verification
Verifying system integrity by proxy
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Hi-index | 0.00 |
Runtime integrity measurement systems provide the capability to observe the runtime state of a process and to determine whether or not it is acceptable. Existing software systems tend to forgo integrity checks altogether or to enlist static mechanisms (e.g., assertions) to detect unacceptable process states at runtime. A large and growing base of malicious software necessitates more sophisticated handling of threats to process integrity. In this paper, we describe an approach to runtime integrity measurement we call the Java Measurement Framework (JMF) that presents a new way to define and check runtime integrity policies. We define a policy language based on Java that provides an accessible way to write integrity policies and we describe a periodic, dynamic measurer that obtains snapshots of process state, which are evaluated with respect to a policy by an appraiser. With full process state available to the appraiser, policies can express rich relationships between multiple objects, thereby detecting abnormalities in an application's data structures. Our framework may be used to detect a powerful adversary who has the capability to modify both the runtime bytecode and data structures of Java applications. We show that our prototype implementation in Java has acceptable overhead and that it can be used to detect runtime integrity violations in several real Java programs.