Kernel and application integrity assurance: Ensuring freedom from rootkits and malware in a computer system

Lifu Wang, Partha Dasgupta

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

7 Citations (Scopus)

Abstract

Malware and rootkits are serious security vulnerabilities, and they can be designed to be resistant to anti-viral software, or even totally undetectable. This paper describes a hierarchical trust management scheme, where the root of trust is in a non-tamperable hardware co-processor on a PCI bus. The hardware checks a part of the OS kernel for integrity, which in turn checks other parts until we ensure the entire system is free of rootkits and viruses. Our system can detect illegal modifications to the kernel, loadable kernel modules and user applications. It also provides a secure communication line for user interaction to enable legal software updates.

Original language: English (US)
Title of host publication: Proceedings - 21st International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINAW'07
Pages: 583-589
Number of pages: 7
Volume: 2
DOIs: https://doi.org/10.1109/AINAW.2007.217
State: Published - 2007
Event: 21st International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINAW'07 - Niagara Falls, ON, Canada
Duration: May 21 2007 to May 23 2007

Other

Other: 21st International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINAW'07
Country: Canada
City: Niagara Falls, ON
Period: 5/21/07 to 5/23/07

Fingerprint

Malware
Integrity
Computer systems
kernel
Hardware
Computer viruses
Trust Management
Software
Secure Communication
User Interaction
Vulnerability
Virus
Update
Roots
Entire
Module
Line

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Software
  • Mathematics(all)

Cite this

Wang, L., & Dasgupta, P. (2007). Kernel and application integrity assurance: Ensuring freedom from rootkits and malware in a computer system. In Proceedings - 21st International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINAW'07 (Vol. 2, pp. 583-589). [4221120] https://doi.org/10.1109/AINAW.2007.217

@inproceedings{9cdba23025c44593b30f0960673c8f3a,
title = "Kernel and application integrity assurance: Ensuring freedom from rootkits and malware in a computer system",
abstract = "Malware and rootkits are serious security vulnerabilities, and they can be designed to be resistant to anti-viral software, or even totally undetectable. This paper described a hierarchical trust management scheme, where the root of trust is in a non-tamperable hardware co-processor on a PCI bus. The hardware checks a part of the OS kernel for integrity which in turn checks other parts till we ensure the entire system is free of rootkits and viruses. Our system can detect illegal modifications to kernel, loadable kernel modules and user applications. It also provides a secure communication line for user interaction to enable legal software updates.",
author = "Lifu Wang and Partha Dasgupta",
year = "2007",
doi = "10.1109/AINAW.2007.217",
language = "English (US)",
isbn = "0769528473",
volume = "2",
pages = "583--589",
booktitle = "Proceedings - 21st International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINAW'07",

}

TY - GEN
T1 - Kernel and application integrity assurance
T2 - Ensuring freedom from rootkits and malware in a computer system
AU - Wang, Lifu
AU - Dasgupta, Partha
PY - 2007
Y1 - 2007
N2 - Malware and rootkits are serious security vulnerabilities, and they can be designed to be resistant to anti-viral software, or even totally undetectable. This paper described a hierarchical trust management scheme, where the root of trust is in a non-tamperable hardware co-processor on a PCI bus. The hardware checks a part of the OS kernel for integrity which in turn checks other parts till we ensure the entire system is free of rootkits and viruses. Our system can detect illegal modifications to kernel, loadable kernel modules and user applications. It also provides a secure communication line for user interaction to enable legal software updates.
UR - http://www.scopus.com/inward/record.url?scp=35248866390&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=35248866390&partnerID=8YFLogxK
U2 - 10.1109/AINAW.2007.217
DO - 10.1109/AINAW.2007.217
M3 - Conference contribution
AN - SCOPUS:35248866390
SN - 0769528473
SN - 9780769528472
VL - 2
SP - 583
EP - 589
BT - Proceedings - 21st International Conference on Advanced Information Networking and Applications Workshops/Symposia, AINAW'07
ER -