Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
DSN
2005
IEEE
2005
IEEE
Authenticated System Calls
System call monitoring is a technique for detecting and controlling compromised applications by checking at runtime that each system call conforms to a policy that specifies the program’s normal behavior. Here, a new approach to system call monitoring based on authenticated system calls is introduced. An authenticated system call is a system call augmented with extra arguments that specify the policy for that call and a cryptographic message authentication code (MAC) that guarantees the integrity of the policy and the system call arguments. This extra information is used by the kernel to verify the system call. The version of the application in which regular system calls have been replaced by authenticated calls is generated automatically by an installer program that reads the application binary, uses static analysis to generate policies, and then rewrites the binary with the authenticated calls. This paper presents the approach, describes a prototype implementation based on Linux ...
Real-time TrafficAuthenticated Calls | Computer Networks | DSN 2005 | Program’s Normal Behavior | System Call Monitoring |
Related Content
| Added | 24 Jun 2010 |
| Updated | 24 Jun 2010 |
| Type | Conference |
| Year | 2005 |
| Where | DSN |
| Authors | Mohan Rajagopalan, Matti A. Hiltunen, Trevor Jim, Richard D. Schlichting |
Comments (0)
Researcher Info
|
