Title :
A heuristic policy-based system call interposition in Dynamic Binary Translation
Author :
Zheng, Deen ; Qi, Zhengwei ; Liang, Alei ; Yang, Hongbo ; Guan, Haibing ; Liu, Liang
Author_Institution :
Sch. of Software, Shanghai Jiao Tong Univ., Shanghai, China
Abstract :
Dynamic binary translation (DBT) is a well known software technology that enables seamless cross-ISA execution. Unfortunately, many malicious programs that may lead to unauthorized access can run easily and unrestrictedly under the DBT system. Because these malicious programs must go through the system call interface to take malicious action, system call interposition has become a widely used technique for intrusion detection and prevention. In this paper, we present HPSCIBit, a solution that efficiently confines malicious applications, supports automatic policy generation and interactive policy generation, intrusion detection and prevention in the DBT system. The experimental result on SPEC2000 CINT benchmarks shows that HPSCIBit is an effective and low overhead solution to the cross-ISA security issues.
Keywords :
authorisation; invasive software; program interpreters; system monitoring; DBT; HPSCIBit; SPEC2000 CINT benchmark; automatic policy generation; dynamic binary translation; heuristic policy-based system call interposition; interactive policy generation; intrusion detection; intrusion prevention; malicious action; malicious program; seamless cross-ISA execution; software technology; system call interface; unauthorized access; Computer science; Control systems; Engines; Instruction sets; Intrusion detection; Linux; Power system security; Software safety; Software systems; Writing; dynamic binary translation; system call interposition;
Conference_Titel :
Mobile Adhoc and Sensor Systems, 2009. MASS '09. IEEE 6th International Conference on
Conference_Location :
Macau
Print_ISBN :
978-1-4244-5113-5
DOI :
10.1109/MOBHOC.2009.5336911
