Abstract
This article presents a method of verifying the safety of untrusted mobile code, using the model of security-relevant behaviors of code. This method verifies whether models violate users’ security policies to help users decide which programs to run and which not, and hence ensures the security of users’ systems and devices. Based on the framework of model-carrying code, we make several improvements: using the extended pushdown automaton (EPDA) as the program behavior model, reducing ambiguity in regular expressions over events (REE), proposing a new verification algorithm according to above significant improvements.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Sekar, R., Venkatakrishnan, V.N., Basu, S., Bhatkar, S., DuVarney, D.C.: Model-Carrying Code: A Practical Approach for Safe Execution of Untrusted Applications. In: Proceedings of the nineteenth ACM symposium on Operating systems principles, pp. 15–28. ACM, New York (2003)
Giffin, J.T.: Model-based Intrusion Detection System Design And Evaluation, PhD thesis. University of Wisconsin-Madison (2006)
Necula, G.: Proof-Carry Code. In: ACM Symposium Principles of Programming Languages, POPL (1997)
Uppuluri, P.: Intrusion Detection/Prevention Using Behavior Specifications. PhD thesis, Stony Brook University (2003)
Hallaraker, O., Vigna, G.: Detecting Malicious JavaScript Code in Mozilla. In: Proceedings of 10th IEEE International Conference on Engineering of Complex Computer Systems, ICECCS 2005, pp. 85–94 (2005)
Cohen, S., Franco, R.: ActiveX Security: Improvements and Best Practices. MSDN (2006)
Wagner, D., Soto, P.: Mimicry Attacks on Host-based Intrusion Detection Systems. In: 9th ACM Conference on Computer and Communication Security (CCS), Washington, DC (2002)
Laurikari, V.: NFAs with Tagged Transitions, their Conversion to Deterministic Automata and Application to Regular Expressions. In: Proc. of the Seventh Intl. Symp.on String Processing and Information Retrieval (SPIRE 2000), pp. 181–187. IEEE, Los Alamitos (2000)
Kotz, D., Gray, R.S.: Mobile Agents and the Future of the Internet. Operating Systems Review 33, 7–13 (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wei, Y., Zheng, X., Ren, J., Zheng, X., Sun, C., Li, Z. (2009). Verification of Security-Relevant Behavior Model and Security Policy for Model-Carrying Code. In: Ślęzak, D., Kim, Th., Fang, WC., Arnett, K.P. (eds) Security Technology. SecTech 2009. Communications in Computer and Information Science, vol 58. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10847-1_19
Download citation
DOI: https://doi.org/10.1007/978-3-642-10847-1_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-10846-4
Online ISBN: 978-3-642-10847-1
eBook Packages: Computer ScienceComputer Science (R0)