A protection environment for administrators of Windows 2000/XP against malicious program attacks

Author

Spalka, Adrian ; Winandy, Marcel

Author_Institution

Dept. of Comput. Sci. III, Bonn Univ., Germany

fYear

2003

fDate

3-6 Nov. 2003

Firstpage

158

Lastpage

162

Abstract

Malicious program attacks pose a serious threat to operating systems. If an operator can be tricked into running such a program its abilities to manipulate a system are unlimited. This work, which addresses Windows 2000/XP, is a part of our effort of creating a protected execution environment for applications with high security demands. We analyse attacks by malicious programs that manipulate systems components during their installation by an administrator. It turns out that most of these manipulations are likely to remain unnoticed by the human user. However, we show that the operating system´s protection mechanisms can be used to prevent or detect all manipulations that can endanger our protected environment. We combine these mechanisms in a restricted shell, which the administrator should use for the execution of possibly untrustworthy programs.

Keywords

computer crime; operating systems (computers); security of data; Windows 2000; Windows XP; malicious program attack protection; malicious program attacks; operating systems; protection mechanisms; security demands; Access control; Application software; Computer science; Computer security; Cryptography; Humans; Invasive software; Operating systems; Permission; Protection;

fLanguage

English

Publisher

ieee

Conference_Titel

Computer Software and Applications Conference, 2003. COMPSAC 2003. Proceedings. 27th Annual International

ISSN

0730-3157

Print_ISBN

0-7695-2020-0

Type

conf

DOI

10.1109/CMPSAC.2003.1245336

Filename

1245336