Rethinking software component security: software component level integrity and cross verification

Byungho Min, Vijay Varadharajan*

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

3 Citations (Scopus)

Abstract

Modern computing platforms have progressed to deploying more secure software with various defensive techniques such as code signing and application whitelisting. However, the adversary, on the other hand, has been developing offensive techniques including using legitimate digital certificates in their attacks. In this paper (extended version of a paper published in the conference DSN 2015), we propose a new security mechanism for software systems that extends the Windows integrity mechanism and code signing technique. Our security mechanism gives rise to three major benefits. First, it prevents a wide range of attacks such as DLL hijacking and DLL injection, and mitigates the impact of shellcode that is executed by successful software vulnerability exploitation. It also prevents the use of untrusted plugins such as web browser add-ons. Second, it achieves developer-enforced security at the software component level so that components cannot be abused by malware. Third, it ensures a flexible environment where untrusted applications and software components are allowed to be loaded/executed at a low integrity level with restricted access permissions to system resources. We have implemented a prototype and carried out a thorough evaluation, showing the advantages of our proposed mechanism in mitigating real world malware attacks and preventing unauthorised software use as well as demonstrating the ease of adoption for software developers.

Original languageEnglish
Pages (from-to)1735-1748
Number of pages14
JournalComputer Journal
Volume59
Issue number11
DOIs
Publication statusPublished - 3 Nov 2016

Keywords

  • software component control
  • Windows integrity mechanism
  • cross verification
  • code signing
  • same-origin policy
  • security

Fingerprint

Dive into the research topics of 'Rethinking software component security: software component level integrity and cross verification'. Together they form a unique fingerprint.

Cite this