ACM Transactions on Programming Languages and Systems (TOPLAS)
Dependability certification of software components
Journal of Systems and Software - Special issue on Evaluation and assessment in software engineering
Pinpoint: Problem Determination in Large, Dynamic Internet Services
DSN '02 Proceedings of the 2002 International Conference on Dependable Systems and Networks
PISCES: A Tool for Predicting Software Testability
PISCES: A Tool for Predicting Software Testability
Recent worms: a survey and trends
Proceedings of the 2003 ACM workshop on Rapid malcode
The Art of Computer Virus Research and Defense
The Art of Computer Virus Research and Defense
Using instruction block signatures to counter code injection attacks
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
An Experimental Evaluation on Reliability Features of N-Version Programming
ISSRE '05 Proceedings of the 16th IEEE International Symposium on Software Reliability Engineering
Hi-index | 0.00 |
In a large distributed enterprise multiple organizations may be involved in a collaborative effort to provide software components that they developed and maintain based on their own policies. When a local system downloads a component from a remote system into such an environment, the downloaded component should be checked to find if it contains internal failures or malicious codes before it is executed in the local system. Although the software was tested by the original developer in its local environment, we cannot simply assume that it will work correctly and safely in other organizations' computing environments. Furthermore, there is a possibility that some malicious codes are added to the original component by a mistake or intentionally. To address this problem, we propose a cooperative component-testing architecture that consists of three testing schemes, a provider node testing, a multiple-aspect testing, and a cooperative testing. The proposed architecture is able to effectively and efficiently detect malicious codes in a component. The provider node testing can increase the possibility of choosing the cleanest (least infected) component among components that exist on multiple remote systems. The multiple-aspect testing can improve the ability to detect a fault or malicious contents. And the cooperative testing scheme provides fast detection speed by integrating detection schemes effectively. Finally, we simulate our proposed ideas and provide a performance evaluation.