A multi-factor approach to securing software on client computing platforms

Raghunathan Srinivasan; Partha Dasgupta; Vivek Iyer; Amit Kanitkar; Sujit Sanjeev; Jatin Lodhia

doi:10.1109/SocialCom.2010.147

A multi-factor approach to securing software on client computing platforms

Raghunathan Srinivasan, Partha Dasgupta, Vivek Iyer, Amit Kanitkar, Sujit Sanjeev, Jatin Lodhia

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

2 Scopus citations

Abstract

Protecting the integrity of software platforms, especially in unmanaged consumer computing systems is a difficult problem. Attackers may attempt to execute buffer overflow attacks to gain access to systems, steal secrets and patch on existing binaries to hide detection. Every binary has inherent vulnerabilities that attackers may exploit. In this paper we present three orthogonal approaches; each of which provides a level of assurance against malware attacks beyond virus detectors. The approaches can be added on top of normal defenses and can be combined for tailoring the level of protection desired. This work attempts to find alternate solutions to the problem of malware resistance. The approaches we use are: adding diversity or randomization to data address spaces, hiding critical data to prevent data theft and the use of remote attestation to detect tampering with executable code.

Original language	English (US)
Title of host publication	Proceedings - SocialCom 2010
Subtitle of host publication	2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust
Pages	993-998
Number of pages	6
DOIs	https://doi.org/10.1109/SocialCom.2010.147
State	Published - 2010
Event	2nd IEEE International Conference on Social Computing, SocialCom 2010, 2nd IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010 - Minneapolis, MN, United States Duration: Aug 20 2010 → Aug 22 2010

Publication series

Name	Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust

Other

Other	2nd IEEE International Conference on Social Computing, SocialCom 2010, 2nd IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010
Country/Territory	United States
City	Minneapolis, MN
Period	8/20/10 → 8/22/10

Keywords

Attacks
Computer security
Integrity measurement
Memory randomization
Remote attestation
Secure key storage in memory

ASJC Scopus subject areas

Computer Networks and Communications
Computer Science Applications
Information Systems

Access to Document

10.1109/SocialCom.2010.147

Cite this

Srinivasan, R., Dasgupta, P., Iyer, V., Kanitkar, A., Sanjeev, S., & Lodhia, J. (2010). A multi-factor approach to securing software on client computing platforms. In Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust (pp. 993-998). Article 5591388 (Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust). https://doi.org/10.1109/SocialCom.2010.147

A multi-factor approach to securing software on client computing platforms. / Srinivasan, Raghunathan; Dasgupta, Partha; Iyer, Vivek et al.
Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust. 2010. p. 993-998 5591388 (Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Srinivasan, R, Dasgupta, P, Iyer, V, Kanitkar, A, Sanjeev, S & Lodhia, J 2010, A multi-factor approach to securing software on client computing platforms. in Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust., 5591388, Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust, pp. 993-998, 2nd IEEE International Conference on Social Computing, SocialCom 2010, 2nd IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010, Minneapolis, MN, United States, 8/20/10. https://doi.org/10.1109/SocialCom.2010.147

Srinivasan R, Dasgupta P, Iyer V, Kanitkar A, Sanjeev S, Lodhia J. A multi-factor approach to securing software on client computing platforms. In Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust. 2010. p. 993-998. 5591388. (Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust). doi: 10.1109/SocialCom.2010.147

Srinivasan, Raghunathan ; Dasgupta, Partha ; Iyer, Vivek et al. / A multi-factor approach to securing software on client computing platforms. Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust. 2010. pp. 993-998 (Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust).

@inproceedings{5a62de871acb44da9471389dc9491c14,

title = "A multi-factor approach to securing software on client computing platforms",

abstract = "Protecting the integrity of software platforms, especially in unmanaged consumer computing systems is a difficult problem. Attackers may attempt to execute buffer overflow attacks to gain access to systems, steal secrets and patch on existing binaries to hide detection. Every binary has inherent vulnerabilities that attackers may exploit. In this paper we present three orthogonal approaches; each of which provides a level of assurance against malware attacks beyond virus detectors. The approaches can be added on top of normal defenses and can be combined for tailoring the level of protection desired. This work attempts to find alternate solutions to the problem of malware resistance. The approaches we use are: adding diversity or randomization to data address spaces, hiding critical data to prevent data theft and the use of remote attestation to detect tampering with executable code.",

keywords = "Attacks, Computer security, Integrity measurement, Memory randomization, Remote attestation, Secure key storage in memory",

author = "Raghunathan Srinivasan and Partha Dasgupta and Vivek Iyer and Amit Kanitkar and Sujit Sanjeev and Jatin Lodhia",

year = "2010",

doi = "10.1109/SocialCom.2010.147",

language = "English (US)",

isbn = "9780769542119",

series = "Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust",

pages = "993--998",

booktitle = "Proceedings - SocialCom 2010",

note = "2nd IEEE International Conference on Social Computing, SocialCom 2010, 2nd IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010 ; Conference date: 20-08-2010 Through 22-08-2010",

}

TY - GEN

T1 - A multi-factor approach to securing software on client computing platforms

AU - Srinivasan, Raghunathan

AU - Dasgupta, Partha

AU - Iyer, Vivek

AU - Kanitkar, Amit

AU - Sanjeev, Sujit

AU - Lodhia, Jatin

PY - 2010

Y1 - 2010

N2 - Protecting the integrity of software platforms, especially in unmanaged consumer computing systems is a difficult problem. Attackers may attempt to execute buffer overflow attacks to gain access to systems, steal secrets and patch on existing binaries to hide detection. Every binary has inherent vulnerabilities that attackers may exploit. In this paper we present three orthogonal approaches; each of which provides a level of assurance against malware attacks beyond virus detectors. The approaches can be added on top of normal defenses and can be combined for tailoring the level of protection desired. This work attempts to find alternate solutions to the problem of malware resistance. The approaches we use are: adding diversity or randomization to data address spaces, hiding critical data to prevent data theft and the use of remote attestation to detect tampering with executable code.

AB - Protecting the integrity of software platforms, especially in unmanaged consumer computing systems is a difficult problem. Attackers may attempt to execute buffer overflow attacks to gain access to systems, steal secrets and patch on existing binaries to hide detection. Every binary has inherent vulnerabilities that attackers may exploit. In this paper we present three orthogonal approaches; each of which provides a level of assurance against malware attacks beyond virus detectors. The approaches can be added on top of normal defenses and can be combined for tailoring the level of protection desired. This work attempts to find alternate solutions to the problem of malware resistance. The approaches we use are: adding diversity or randomization to data address spaces, hiding critical data to prevent data theft and the use of remote attestation to detect tampering with executable code.

KW - Attacks

KW - Computer security

KW - Integrity measurement

KW - Memory randomization

KW - Remote attestation

KW - Secure key storage in memory

UR - http://www.scopus.com/inward/record.url?scp=78649260961&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=78649260961&partnerID=8YFLogxK

U2 - 10.1109/SocialCom.2010.147

DO - 10.1109/SocialCom.2010.147

M3 - Conference contribution

AN - SCOPUS:78649260961

SN - 9780769542119

T3 - Proceedings - SocialCom 2010: 2nd IEEE International Conference on Social Computing, PASSAT 2010: 2nd IEEE International Conference on Privacy, Security, Risk and Trust

SP - 993

EP - 998

BT - Proceedings - SocialCom 2010

T2 - 2nd IEEE International Conference on Social Computing, SocialCom 2010, 2nd IEEE International Conference on Privacy, Security, Risk and Trust, PASSAT 2010

Y2 - 20 August 2010 through 22 August 2010

ER -

A multi-factor approach to securing software on client computing platforms

Abstract

Publication series

Other

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this