Abstract
According to official Chinese media sources, the Green Dam Youth Escort (GDYE) software is intended to protect young citizens from viewing unhealthy information on the Internet. However, critics maintain that GDYE has serious security vulnerabilities that allow hackers to take control of computers installed with GDYE. Critics also claim that the software is designed to collect user data and keystrokes for transmission to remote servers for unknown purposes. GDYE was originally mandated to be pre-installed on every computer sold in the People’s Republic of China. However, the plan was suddenly shelved in the face of intense international media attention. This paper evaluates the GDYE software’s advertised functions and additional non-advertised capabilities. As the software may have spyware and malware functionality, the evaluation monitored the software behavior in a specialized controlled environment. The analysis was performed from a forensics perspective to collect digital evidence and traces in order to prove or disprove that GDYE captures and disseminates private information.
Chapter PDF
Similar content being viewed by others
References
Anonymous, A technical analysis of the Green Dam Youth Escort software (docs.google.com/View?id=afk7vnz54wt_12f8jzj9gw), 2009.
Anonymous, Green Dam Youth Escort Testing Report (www.mei rendaddy.com/blog/?p=404), 2009.
E. Bastuz, Malware Challenge 2008: Behavioral analysis of a malicious Windows executable (www.emre.de/wiki/index.php/MWC 2008), 2008.
J. Cui, X. Wang and X. Cui, Plug not pulled on Green Dam, China Daily, Beijing, China (www.chinadaily.com.cn/china/2009-07/02/content_8344967.htm), July 2, 2009.
Dazheng, About Dazheng, Beijing, China (hncit.com/about_us.html).
R. Faris, H. Roberts and S. Wang, China’s Green Dam: The implications of government control encroaching on the home PC, Bulletin, OpenNet Initiative, Oxford, United Kingdom (opennet.net/sites/opennet.net/files/GreenDam_bulletin.pdf), 2009.
Jin Hui, About Jin Hui, Zhengzhou, China (www.zzjinhui.com/qyjj.html).
Ministry of Industry and Technology, MITT announcement, Beijing, China (www.miit.gov.cn/n11293472/n11293832/n11293907/n11368223/12433840.html), June 30, 2009.
H. Wei, J. Ohlund and B. Butterklee, Unraveling the mysteries of writing a WinSock 2 Layered Service Provider, Microsoft Systems Journal (www.microsoft.com/msj/0599/LayeredService/LayeredService.aspx), 2009.
S. Wolchok, R. Yao and J. Halderman, Analysis of the Green Dam censorware system, Revision 2.41, Computer Science and Engineering Division, University of Michigan, Ann Arbor, Michigan (www.cse.umich.edu/~halderm/pub/gd), 2009.
S. Young, A. Lai, I. Mao, C. Mok, T. Tsang and F. Li, Dissection of Green Dam, presented to the Professional Internet Security Association, Hong Kong, 2009.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 International Federation for Information Processing
About this paper
Cite this paper
Li, F., Chan, H., Chow, KP., Lai, P. (2010). An Analysis of the Green Dam Youth Escort Software. In: Chow, KP., Shenoi, S. (eds) Advances in Digital Forensics VI. DigitalForensics 2010. IFIP Advances in Information and Communication Technology, vol 337. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15506-2_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-15506-2_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15505-5
Online ISBN: 978-3-642-15506-2
eBook Packages: Computer ScienceComputer Science (R0)