Title :
A Multi-factor Approach to Securing Software on Client Computing Platforms
Author :
Srinivasan, Raghunathan ; Dasgupta, Partha ; Iyer, Vivek ; Kanitkar, Amit ; Sanjeev, Sujit ; Lodhia, Jatin
Author_Institution :
Arizona State Univ., Tempe, AZ, USA
Abstract :
Protecting the integrity of software platforms, especially in unmanaged consumer computing systems is a difficult problem. Attackers may attempt to execute buffer overflow attacks to gain access to systems, steal secrets and patch on existing binaries to hide detection. Every binary has inherent vulnerabilities that attackers may exploit. In this paper we present three orthogonal approaches; each of which provides a level of assurance against malware attacks beyond virus detectors. The approaches can be added on top of normal defenses and can be combined for tailoring the level of protection desired. This work attempts to find alternate solutions to the problem of malware resistance. The approaches we use are: adding diversity or randomization to data address spaces, hiding critical data to prevent data theft and the use of remote attestation to detect tampering with executable code.
Keywords :
data integrity; invasive software; storage management; buffer overflow attacks; client computing platforms; malware attacks; software integrity; Encryption; Hardware; Kernel; Malware; Virtual machine monitors; Computer security; attacks; integrity measurement; memory randomization; remote attestation; secure key storage in memory;
Conference_Titel :
Social Computing (SocialCom), 2010 IEEE Second International Conference on
Conference_Location :
Minneapolis, MN
Print_ISBN :
978-1-4244-8439-3
Electronic_ISBN :
978-0-7695-4211-9
DOI :
10.1109/SocialCom.2010.147
