An Application of Machine Learning to Network Intrusion Detection
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Linux Journal
Linux Journal
Self-signed executables: restricting replacement of program binaries by malware
HOTSEC'07 Proceedings of the 2nd USENIX workshop on Hot topics in security
PULSE: a pluggable user-space Linux security environment
AISC '08 Proceedings of the sixth Australasian conference on Information security - Volume 81
Implementation of a TCG-Based Trusted Computing in Mobile Device
TrustBus '08 Proceedings of the 5th international conference on Trust, Privacy and Security in Digital Business
Towards a binary integrity system for windows
Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security
VMBLS: virtual machine based logging scheme for prevention of tampering and loss
ARES'11 Proceedings of the IFIP WG 8.4/8.9 international cross domain conference on Availability, reliability and security for business, enterprise and health information systems
Risk analysis and software integrity protection for 4g network elements in ASMONIA
SAFECOMP'12 Proceedings of the 31st international conference on Computer Safety, Reliability, and Security
CodeShield: towards personalized application whitelisting
Proceedings of the 28th Annual Computer Security Applications Conference
Hi-index | 0.00 |
This paper presents a Linux kernel module, DigSig, which helps system administrators control Executable and Linkable Format (ELF) binary execution and library loading based on the presence of a valid digital signature. By preventing attackers from replacing libraries and sensitive, privileged system daemons with malicious code, DigSig increases the difficulty of hiding illicit activities such as access to compromised systems.DigSig provides system administrators with an efficient tool which mitigates the risk of running malicious code at run time. This tool adds extra functionality previously unavailable for the Linux operating system: kernel level RSA signature verification with caching and revocation of signatures.