|Title:||Hunting Trojan Horses|
|Authors:||Moffie, M.|
|Keywords:||Information flow control; Run time environment|
|Issue Date:||2006|
|Citation:||Moffie, M., Cheng, W., Kaeli, D., Zhao, Q. (2006). Hunting Trojan Horses. ASID'06: 1st Workshop on Architectural and System Support for Improving Software Dependability : 12-17. ScholarBank@NUS Repository. https://doi.org/10.1145/1181309.1181312|
|Abstract:||HTH (Hunting Trojan Horses) is a security framework developed for detecting difficult types of intrusions. HTH is intended as a complement to anti-virus software in that it targets unknown and zero-day Trojan Horses and Backdoors. In order to accurately identify these types of attacks HTH utilizes runtime information available during execution. The information collected includes fine-grained information flow, program execution flow and resources used. In this paper we present Harrier, an Application Security Monitor at the heart of our HTH framework. Harrier is an efficient run-time monitor that dynamically collects execution-related data. Harrier is capable of collecting information across different abstraction levels including architectural, system and library APIs. To date, Harrier is 3-4 times faster than comparable information flow tracking systems. Using the collected information, Harrier allows for accurate identification of abnormal program behavior. Preliminary results show a good detection rate with a low rate of false positives. Copyright 2006 ACM.|
|Source Title:||ASID'06: 1st Workshop on Architectural and System Support for Improving Software Dependability|
|URI:||http://scholarbank.nus.edu.sg/handle/10635/114663|
|ISBN:||1595935762|
|DOI:||10.1145/1181309.1181312|
|Appears in Collections:||Staff Publications|
Files in This Item:
There are no files associated with this item.