The user is not the enemy: Fighting malware by tracking user intentions

Proceedings New Security Paradigms Workshop

Volumn , Issue , 2009, Pages 33-45

  Shirley, Jeffrey ^a   Evans, David ^a  

^a UNIVERSITY OF VIRGINIA   (United States)

Author keywords

Access control; Security policies; User intent

Indexed keywords

ACCESS CONTROL DECISIONS; ACCESS CONTROL POLICIES; MALWARE MITIGATION; MALWARES; NEW APPROACHES; SINGLE-USER SYSTEM; SYSTEM DAMAGE; USER ACTION; USER BEHAVIORS; USER INTENTION;

BEHAVIORAL RESEARCH; COMPUTER CRIME; SECURITY SYSTEMS; TECHNICAL PRESENTATIONS;

ACCESS CONTROL;

EID: 77950555884     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1595676.1595683     Document Type: Conference Paper

References (47)

1. Anne Adams, and Martina Angela Sasse. Users Are Not the Enemy. Communications of the ACM, December 1999: 40-46.
2. Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, and Andrew Warfield. Xen and the Art of Virtualization. In Proc. Symposium on Operating System Principles. 2003.
3. D. Elliot Bell and Leonard J. LaPadula. Secure Computer Systems: Mathematical Foundations. Technical Report. The MITRE Corporation, 1973.
4. Kenneth J. Biba. Integrity Considerations for Secure Computer Systems. Technical Report. The MITRE Corporation, 1977.
5. Mihai Christodorescu, Somesh Jha, Sanjit A. Seshia, Dawn Song, and Randal E. Bryant. Semantics-Aware Malware Detection. In Proc. IEEE Symposium on Security and Privacy. 2005.
6. David D. Clark and David D. Wilson. A Comparison of Commercial and Military Computer Security Policies. In Proc. IEEE Symposium on Security and Privacy. 1987.
7. Lorrie Cranor, and Simson Garfinkel. Security and Usability. O'Reilly, 2005.
8. Weidong Cui, Randy H. Katz, and Wai-tian Tan. BINDER: An Extrusion-based Break-In Detector for Personal Computers. In Proc. USENIX Security Symposium. 2005.
9. T. Daboczi, I. Kollar, G. Simon, and T. Megyeri. How to test graphical user interfaces. IEEE Instrumentation & Measurement Magazine, September 2003: 27-33.
10. Dorothy E. Denning. A Lattice Model of Secure Information Flow. Communications of the ACM, May 1976: 236-243.
11. Rachna Dhamija, J.D. Tygar, and Marti Hearst. Why Phishing Works. In Proc. ACM SIGCHI. 2006.
12. DoD Standard 5200.28-STD: Trusted Computer System Evaluation Criteria. United States Department of Defense, 1985.
13. David Ferraiolo, and Richard Kuhn. Role-based Access Control. In Proc. National Computer Security Conference. 1992.
14. Carrie Gates and Carol Taylor. Challenging the Anomaly Detection Paradigm: A Provocative Discussion. In Proc. New Security Paradigms Workshop. 2006.
15. Joseph Halpern, and Vicky Weissman. Using first-order logic to reason about policies. In Computer Security Foundations Workshop. 2003.
16. Steven B. Hirsch. Secure Keyboard Input Terminal. U.S. Patent 4,333,090. 1980.
17. Steven A. Hofmeyr, Stephanie Forrest, and Anil Somayaji. Intrusion Detection Using Sequences of System Calls. Journal of Computer Security, 1998: 151-180.
18. Galen Hunt and Doug Brubacher. Detours: Binary Interception of Win32 Functions. In Proc.USENIX Windows NT Symposium.1999.
19. Engin Kirda, Christopher Kruegel, Greg Banks, Giovanni Vigna, and Richard A. Kemmerer. Behavior-based Spyware Detection. In Proc. USENIX Security Symposium. 2006.
20. Christopher Kruegel, William Robertson, and Giovanni Vigna. Detecting Kernel-Level Rootkits Through Binary Analysis. In Proc. Annual Computer Security Applications Conference. 2004.
21. Henry M. Levy. Capability-based Computer Systems. Digital Press, 1984.
22. Peter A. Loscocco, Stephen D. Smalley, Patrick A. Muckelbauer, and Ruth C. Taylor. The Inevitability of Failure: The Flawed Assumption of Security in Modern Computer Systems. In Proc. National Information Systems Security Conference. 1998.
23. Microsoft Corporation. Microsoft Virtual PC. 2007. http://www.microsoft. com/windowsxp/virtualpc/
24. Microsoft Corporation. Windows Vista: User Account Control. 2006.
25. National Security Administration. Security-Enhanced Linux. 2007. http://www.nsa.gov/selinux/.
26. Donald A. Norman. The Design of Everyday Things. Doubleday, 1988.
27. Novell Corporation. AppArmor. http://www.novell.com/linux/security/ apparmor/.
28. OASIS. eXtensible Access Control Markup Language (XACML) version 2.0. 2006.
29. Vern Paxson. Bro: A System for Detecting Network Intruders in Real-Time. In Proc. USENIX Security Symposium. 1998.
30. C. Powers and M. Schunter. Enterprise Privacy Authorization Language (EPAL 1.2). W3C Member Submission, 2003.
31. Sysinternals. Rootkit Revealer. 2006. http://www.sysinternals.com/ Utilities/RootkitRevealer.
32. Ray Spencer, Stephen Smalley, Peter Loscocco, Mike Hibler, David Andersen, and Jay Lepreau. The FLASK Security Architecture: System Support for Diverse Security Policies. In Proc. USENIX Security Symposium. 1999.
33. Marc Stiegler, Alan H. Karp, Ka-Ping Yee, and Mark Miller. Polaris: Virus-safe Computing. Technical Report. Hewlett-Packard, 2004.
34. Sun Microsystems. HotJava: The Security Story. 1995.
35. Sun Microsystems. Java Security Overview. 2007. http://java.sun.com/ javase/6/docs/technotes/guides.
36. Symantec Corporation. Symantec Norton Antivirus. 2006. http://www.symantec.com.
37. The Snort Project. Snort, The Open Source Network Intrusion Detection System. 2006. http://www.snort.org/.
38. The Tripwire Project. Tripwire host-based IDS. 2007. http://sourceforge. net/projects/tripwire/.
39. Michael C. Tschantz and Shriram Krishnamurthi. Towards Reasonability Properties for Access Control Policy Languages. In Proc. ACM SACMAT. 2006.
40. J.D. Tygar and Alma Whitten. Why Johnny Can't Encrypt. In Proc. USENIX Security Symposium. 1999.
41. VMWare Corporation. VMWare. 2007. http://www.vmware.com.
42. VMWare Corporation. Virtual Machine Communication Interface. 2007. http://pubs.vmware.com/vmcisdk/VMCI-intro.html.
43. David Wagner and Paulo Soto. Mimicry Attacks on Host-Based Intrusion Detection Systems. In Proc. ACM Conference on Computer and Communications Security. 2002.
44. David R. Wooten. Securing the User Input Path On NGSCB Systems. In Microsoft WinHEC. 2004. http://download.microsoft.com/download/1/8/f/18f8cee2- 0b64-41f2893da6f2295b40c8/TW04055-WINHEC2004.ppt.
45. Wei Xu, Sandeep Bhatkar, and R. Sekar. Taint-enhanced Policy Enforcement: A Practical Approach to Defeat a Wide Range of Attacks. In Proc. USENIX Security Symposium. 2006.
46. Ka-Ping Yee. Aligning Security and Usability. IEEE Security and Privacy Magazine, September 2004: 48-55.
47. Doug Beck, Binh Vo, and Chad Verbowski. Detecting Stealth Software with Strider GhostBuster. In Proc. Int. Conf. on Dependable Systems and Networks. 2005.