A Format-Independent Architecture for Run-Time Integrity Checking of Executable Code
نویسندگان
چکیده
A robust architecture against network intrusions plays a main role for information security and service reliability. An intruder that obtains an unauthorized access to a remote system could read restricted information or hide this access for future and eventually more dangerous actions. Temporary intrusions can become permanent (i.e., resistant to reboots) if malicious code is installed in a system not adequately protected. In this paper we propose an infrastructure for the run-time integrity checking of executable code. Our approach is general as the specification of our infrastructure includes support for every file format. Moreover we also present our implementation that supports run-time integrity checking for ELF and shell script files. Experimental results show that our solution is a practical and effective protection for workstations connected to the Internet offering services to local and remote users.
منابع مشابه
- MaC : a Run - time Assurance Tool for JavaProgramsM
We describe Java-MaC, a prototype implementation of the Monitoring and Checking (MaC) architecture for Java programs. The MaC architecture provides assurance about the correct execution of target programs at run-time. Monitoring and checking is performed based on a formal speciication of system requirements. MaC bridges the gap between formal veriication, which ensures the correctness of a desi...
متن کاملAn Architecture for Kernel-Level Verification of Executables at Run Time
Digital signatures have been proposed by several researchers as a way of preventing execution of malicious code. In this paper we propose a general architecture for performing the signature verification as part of the kernel execution process. The proposed architecture does not require any change in the interpreters used to execute code and it can accommodate any executable format. We also repo...
متن کاملCompiler Technology for Parallel Scientiic Computation
There is a need for compiler technology that, given the source program, will generate eecient parallel codes for diierent architectures with minimal user involvement. Parallel computation is becoming indispensable in solving large-scale problems in science and engineering. Yet, the use of parallel computation is limited by the high costs of developing the needed software. To overcome this diicu...
متن کاملDeductive Integrity Maintenance in an Object-oriented Setting
The extension of integrity checking methods proposed for deductive relational databases to the case of object-oriented deductive databases ooers new opportunities for more eecient consistency control: a reduction of the search space by ner granularity of updates, and a reduction of runtime integrity checking by incremental maintenance of the executable code generated for evaluating simpliied ru...
متن کاملCertifying Code Generation Runs with Coq: A Tool Description
In this tool description paper we present a certifying code generation phase. Our code generation phase takes intermediate language programs and translates them into MIPS assembler code. Each time our code generation is invoked a proof script is emitted. This proof script is used as a certificate to guarantee the correctness of the code generation run. It is checked in the Coq theorem prover. O...
متن کامل