Dynamic Binary Instrumentation-Based Framework for Malware Defense
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
| Hi-index | 0.00 |
To detect any (unknown) virus, automatic signature schemes are proposed to be embedded in honestly-made compilers. But compiling load is centralized on the compiler makers. To distribute compiling load with the help of distributed servers, proxy automatic signature schemes are proposed for the distributed compilers. However, Lin and Janýs proxy automatic signature scheme is insecure and has length restriction of source programs. To remove these flaws, Hwang and Li also proposed their scheme. However, two signatures are used for the agreement of compiler makers and servers, respectively. But only the signature for the proxy agreement of compiler makers can be validated by anyone. To remove this inefficient flaw, a new efficient proxy automatic signature scheme is proposed. Except the efficient advantage, the proxy agreement being researched both by the compiler maker and servers can be validated by anyone at the same time. Only one signature is used to show the agreement. The correctness of compilers and executable programs can be validated without releasing source codes. Moreover the moderator can easily find out infection sources.