Malware has been a major security problem in both organizations and homes for more than a decade. One common feature of most malware attacks is that at a certain point early in the attack, an executable is dropped on the system which, when executed, enables the attacker to achieve their goals and maintain control of the compromised machine. In this paper we propose the concept of Personalized Application Whitelisting (PAW) to block all unsolicited foreign code from executing on a system. We introduce CodeShield, an approach to implementing PAW on Windows hosts. CodeShield uses a simple and novel security model, and a new user interaction approach for obtaining security-critical decisions from users. We have implemented CodeShield, demonstrated its security effectiveness, and conducted a user study in which 38 participants ran CodeShield on their laptops for 6 weeks. Results from the data demonstrate the usability and promise of our design.