A multi-factor approach to securing software on client computing platforms

Raghunathan Srinivasan, Partha Dasgupta, Vivek Iyer, Amit Kanitkar, Sujit Sanjeev, Jatin Lodhia

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Protecting the integrity of software platforms, especially in unmanaged consumer computing systems is a difficult problem. Attackers may attempt to execute buffer overflow attacks to gain access to systems, steal secrets and patch on existing binaries to hide detection. Every binary has inherent vulnerabilities that attackers may exploit. In this paper we present three orthogonal approaches; each of which provides a level of assurance against malware attacks beyond virus detectors. The approaches can be added on top of normal defenses and can be combined for tailoring the level of protection desired. This work attempts to find alternate solutions to the problem of malware resistance. The approaches we use are: adding diversity or randomization to data address spaces, hiding critical data to prevent data theft and the use of remote attestation to detect tampering with executable code.

Original languageEnglish (US)
Title of host publicationProceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust
Pages993-998
Number of pages6
DOIs
StatePublished - 2010
Event2nd IEEE International Conference on Social Computing, SocialCom 2010, 2nd IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010 - Minneapolis, MN, United States
Duration: Aug 20 2010Aug 22 2010

Other

Other2nd IEEE International Conference on Social Computing, SocialCom 2010, 2nd IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010
CountryUnited States
CityMinneapolis, MN
Period8/20/108/22/10

Fingerprint

Computer viruses
Detectors
Malware

Keywords

  • Attacks
  • Computer security
  • Integrity measurement
  • Memory randomization
  • Remote attestation
  • Secure key storage in memory

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Computer Science Applications
  • Information Systems

Cite this

Srinivasan, R., Dasgupta, P., Iyer, V., Kanitkar, A., Sanjeev, S., & Lodhia, J. (2010). A multi-factor approach to securing software on client computing platforms. In Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust (pp. 993-998). [5591388] https://doi.org/10.1109/SocialCom.2010.147

A multi-factor approach to securing software on client computing platforms. / Srinivasan, Raghunathan; Dasgupta, Partha; Iyer, Vivek; Kanitkar, Amit; Sanjeev, Sujit; Lodhia, Jatin.

Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust. 2010. p. 993-998 5591388.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Srinivasan, R, Dasgupta, P, Iyer, V, Kanitkar, A, Sanjeev, S & Lodhia, J 2010, A multi-factor approach to securing software on client computing platforms. in Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust., 5591388, pp. 993-998, 2nd IEEE International Conference on Social Computing, SocialCom 2010, 2nd IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010, Minneapolis, MN, United States, 8/20/10. https://doi.org/10.1109/SocialCom.2010.147
Srinivasan R, Dasgupta P, Iyer V, Kanitkar A, Sanjeev S, Lodhia J. A multi-factor approach to securing software on client computing platforms. In Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust. 2010. p. 993-998. 5591388 https://doi.org/10.1109/SocialCom.2010.147
Srinivasan, Raghunathan ; Dasgupta, Partha ; Iyer, Vivek ; Kanitkar, Amit ; Sanjeev, Sujit ; Lodhia, Jatin. / A multi-factor approach to securing software on client computing platforms. Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust. 2010. pp. 993-998
@inproceedings{5a62de871acb44da9471389dc9491c14,
title = "A multi-factor approach to securing software on client computing platforms",
abstract = "Protecting the integrity of software platforms, especially in unmanaged consumer computing systems is a difficult problem. Attackers may attempt to execute buffer overflow attacks to gain access to systems, steal secrets and patch on existing binaries to hide detection. Every binary has inherent vulnerabilities that attackers may exploit. In this paper we present three orthogonal approaches; each of which provides a level of assurance against malware attacks beyond virus detectors. The approaches can be added on top of normal defenses and can be combined for tailoring the level of protection desired. This work attempts to find alternate solutions to the problem of malware resistance. The approaches we use are: adding diversity or randomization to data address spaces, hiding critical data to prevent data theft and the use of remote attestation to detect tampering with executable code.",
keywords = "Attacks, Computer security, Integrity measurement, Memory randomization, Remote attestation, Secure key storage in memory",
author = "Raghunathan Srinivasan and Partha Dasgupta and Vivek Iyer and Amit Kanitkar and Sujit Sanjeev and Jatin Lodhia",
year = "2010",
doi = "10.1109/SocialCom.2010.147",
language = "English (US)",
isbn = "9780769542119",
pages = "993--998",
booktitle = "Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust",

}

TY - GEN

T1 - A multi-factor approach to securing software on client computing platforms

AU - Srinivasan, Raghunathan

AU - Dasgupta, Partha

AU - Iyer, Vivek

AU - Kanitkar, Amit

AU - Sanjeev, Sujit

AU - Lodhia, Jatin

PY - 2010

Y1 - 2010

N2 - Protecting the integrity of software platforms, especially in unmanaged consumer computing systems is a difficult problem. Attackers may attempt to execute buffer overflow attacks to gain access to systems, steal secrets and patch on existing binaries to hide detection. Every binary has inherent vulnerabilities that attackers may exploit. In this paper we present three orthogonal approaches; each of which provides a level of assurance against malware attacks beyond virus detectors. The approaches can be added on top of normal defenses and can be combined for tailoring the level of protection desired. This work attempts to find alternate solutions to the problem of malware resistance. The approaches we use are: adding diversity or randomization to data address spaces, hiding critical data to prevent data theft and the use of remote attestation to detect tampering with executable code.

AB - Protecting the integrity of software platforms, especially in unmanaged consumer computing systems is a difficult problem. Attackers may attempt to execute buffer overflow attacks to gain access to systems, steal secrets and patch on existing binaries to hide detection. Every binary has inherent vulnerabilities that attackers may exploit. In this paper we present three orthogonal approaches; each of which provides a level of assurance against malware attacks beyond virus detectors. The approaches can be added on top of normal defenses and can be combined for tailoring the level of protection desired. This work attempts to find alternate solutions to the problem of malware resistance. The approaches we use are: adding diversity or randomization to data address spaces, hiding critical data to prevent data theft and the use of remote attestation to detect tampering with executable code.

KW - Attacks

KW - Computer security

KW - Integrity measurement

KW - Memory randomization

KW - Remote attestation

KW - Secure key storage in memory

UR - http://www.scopus.com/inward/record.url?scp=78649260961&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=78649260961&partnerID=8YFLogxK

U2 - 10.1109/SocialCom.2010.147

DO - 10.1109/SocialCom.2010.147

M3 - Conference contribution

AN - SCOPUS:78649260961

SN - 9780769542119

SP - 993

EP - 998

BT - Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust

ER -