Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACSAC
2006
IEEE
2006
IEEE
Foreign Code Detection on the Windows/X86 Platform
As new attacks against Windows-based machines emerge almost on a daily basis, there is an increasing need to “lock down” individual users’ desktop machines in corporate computing environments. One particular way to lock down a user computer is to guarantee that only authorized binary programs are allowed to run on that computer. A major advantage of this approach is that binaries downloaded without the user’s knowledge, such as spyware, adware, or code entering through buffer overflow attacks, can never run on computers that are locked down this way. This paper presents the design, implementation and evaluation of FOOD, a foreign code detection system specifically for the Windows/X86 platform, where foreign code is defined as any binary programs that do not go through an authorized installation procedure. FOOD verifies the legitimacy of binary images involved in process creation and library loading to ensure that only authorized binaries are used in these operations. In ad...
Real-time Traffic| Added | 10 Jun 2010 |
| Updated | 10 Jun 2010 |
| Type | Conference |
| Year | 2006 |
| Where | ACSAC |
| Authors | Susanta Nanda, Wei Li, Lap-Chung Lam, Tzi-cker Chiueh |
Comments (0)
Researcher Info
|
