Please use this identifier to cite or link to this item: http://scholarbank.nus.edu.sg/handle/10635/19051
Title: Towards more secure program execution environments
Authors: SUFATRIO
Keywords: Computer security, Intrusion Detection System, Authentication system, Vulnerability management, Public Key Infrastructure, Authentication logic
Issue Date: 31-Mar-2010
Source: SUFATRIO (2010-03-31). Towards more secure program execution environments. ScholarBank@NUS Repository.
Abstract: The increasing prevalence of cyber attacks is a worrying trend in the Internet age. This thesis aims to enhance host security by providing more secure program execution environments. Our approach is based on securing the "Program Protection Life Cycle (PPLC)" which protects programs throughout their life cycles. Firstly, to mitigate the threat of zero-day attacks, we investigate a system-call monitoring IDS. We show how a non-parameterized Self-based IDS is vulnerable to mimicry attacks. We then improve the IDS by employing a privilege and argument abstraction technique. Furthermore, we propose a general framework which demonstrates how the attack construction approach can apply to various IDS models. Secondly, to ensure vulnerability-free program executions, we propose a lightweight executable authentication scheme and an automated vulnerability management scheme. Thirdly, we address Public Key Infrastructure (PKI) by proposing lightweight and near real-time revocation schemes, and a formalism to reason with modern PKI-based systems and protocols.
URI: http://scholarbank.nus.edu.sg/handle/10635/19051
Appears in Collections:Ph.D Theses (Open)

Show full item record
Files in This Item:
File Description SizeFormatAccess SettingsVersion 
Sufatrio-HT027281H-PhD-Thesis-Uploaded.pdf1.88 MBAdobe PDF

OPEN

NoneView/Download

Page view(s)

416
checked on Dec 11, 2017

Download(s)

281
checked on Dec 11, 2017

Google ScholarTM

Check


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.