Preventing the execution of unauthorized Win32 applications

Proceedings - DARPA Information Survivability Conference and Exposition II, DISCEX 2001

Volumn 2, Issue , 2001, Pages 175-183

  Schmid, M ^a   Hill, F ^a   Ghosh, A K ^a   Bloch, J T ^b  

^a Cigital   (United States)

^b Widevine Technologies   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ADMINISTRATIVE CONTROLS; EXECUTABLES; KERNEL DRIVERS; KEY ISSUES; SYSTEM ADMINISTRATORS; WINDOWS NT;

COMPUTER CRIME;

EID: 84964469507     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/DISCEX.2001.932170     Document Type: Conference Paper

References (14)

1. Smartline. SmartLine Corporate Homepage, http://www.protect-me.com/asc/, SmartLine, Inc. (5 Mar 2001).
2. Goldberg, I., D. Wagner, R. Thomas, and E. Brewer. A Secure Environment for Untrusted Helper Applications - Confining the Wily Hacker. In Proceedings of the 1996 USENIX Security Symposium, 1996.
3. Finjan Software. Finjan Corporate Homepage, http://www.finjan.com, Finjan Software Ltd. (5 Mar 2001).
4. Aladdin Knowledge Systems. Aladdin Corporate Homepage, http://www.ealaddin.com, Aladdin Knowledge Systems, Inc. (5 Mar 2001).
5. Kim, G. and E. Spafford. The Design and Implementation of Tripwire: a file system integrity checker. Technical Report CSD-TR-93-071, Purdue University, Dept. of Computer Sciences, Purdue University, West Lafayette, IN 47907-1398, 1993.
6. FitzGerald, N. Why You Should Stop Using Scanners. In Proceedings of the Tenth International Virus Bulletin Conference, Orlando, FL, September 2000.
7. Schneier, B. The Trojan Horse Race. Communications of the ACM, Volume 42, Number 9. September 1999.
8. Balzer, R., N. Goldman. Mediating Connectors: A Non-bypassable Process Wrapping Technology. In Proceedings of the 2000 DARPA Information Survivability Conference and Exposition, Volume II, pp. 361-368, Hilton Head, SC, January, 2000.
9. Hunt, G. and D. Brubacher. Detours: Binary Interception of Win32 Functions. Microsoft Research, Redmond, WA, MSR-TR-98-33, July 1998.
10. Fraser, T., L. Badger, M. Feldman. Hardening COTS Software with Generic Software Wrappers. In Proceedings of the 1999 IEEE Conference on Security and Privacy, Oakland, CA., May 9-12, 1999.
11. Mitchem, T., R. Lu, and R. O'Brien. Using Kernel Hypervisors to Secure Applications. In Proceedings of the Annual Computer Security Applications Conference, Dec. 1997.
12. st Edition. Microsoft Press. Redmond, WA, 1993.
13. Harath, N. "Adding Services To The NT Kernel." (10 Oct 1998). Usenet Archives. http://www.kernel-mode.com/arc-newint2e.html(5 Mar. 2001).
14. Nebbett, G. Windows NT/2000 Native API Reference, Macmillan Technical Publishing, Indianapolis, IN, 2000, p. 134.