Verification of Security-Relevant Behavior Model and Security Policy for Model-Carrying Code
This article presents a method of verifying the safety of untrusted mobile code, using the model of security-relevant behaviors of code. This method verifies whether models violate users’ security policies to help users decide which programs to run and which not, and hence ensures the security of users’ systems and devices. Based on the framework of model-carrying code, we make several improvements: using the extended pushdown automaton (EPDA) as the program behavior model, reducing ambiguity in regular expressions over events (REE), proposing a new verification algorithm according to above significant improvements.
Keywordsmobile code security verification behavior model security policy model-carrying code
Unable to display preview. Download preview PDF.
- 2.Giffin, J.T.: Model-based Intrusion Detection System Design And Evaluation, PhD thesis. University of Wisconsin-Madison (2006)Google Scholar
- 3.Necula, G.: Proof-Carry Code. In: ACM Symposium Principles of Programming Languages, POPL (1997)Google Scholar
- 4.Uppuluri, P.: Intrusion Detection/Prevention Using Behavior Specifications. PhD thesis, Stony Brook University (2003)Google Scholar
- 6.Cohen, S., Franco, R.: ActiveX Security: Improvements and Best Practices. MSDN (2006)Google Scholar
- 7.Wagner, D., Soto, P.: Mimicry Attacks on Host-based Intrusion Detection Systems. In: 9th ACM Conference on Computer and Communication Security (CCS), Washington, DC (2002)Google Scholar