Please use this identifier to cite or link to this item: https://doi.org/10.1145/1181309.1181312
DC FieldValue
dc.titleHunting Trojan Horses
dc.contributor.authorMoffie, M.
dc.contributor.authorCheng, W.
dc.contributor.authorKaeli, D.
dc.contributor.authorZhao, Q.
dc.date.accessioned2014-12-02T08:39:21Z
dc.date.available2014-12-02T08:39:21Z
dc.date.issued2006
dc.identifier.citationMoffie, M.,Cheng, W.,Kaeli, D.,Zhao, Q. (2006). Hunting Trojan Horses. ASID'06: 1st Workshop on Architectural and System Support for Improving Software Dependability : 12-17. ScholarBank@NUS Repository. <a href="https://doi.org/10.1145/1181309.1181312" target="_blank">https://doi.org/10.1145/1181309.1181312</a>
dc.identifier.isbn1595935762
dc.identifier.urihttp://scholarbank.nus.edu.sg/handle/10635/114663
dc.description.abstractHTH (Hunting Trojan Horses) is a security framework developed for detecting difficult types of intrusions. HTH is intended as a complement to anti-virus software in that it targets unknown and zero-day Trojan Horses and Backdoors. In order to accurately identify these types of attacks HTH utilizes runtime information available during execution. The information collected includes fine-grained information flow, program execution flow and resources used.In this paper we present Harrier, an Application Security Monitor at the heart of our HTH framework. Harrier is an efficient run-time monitor that dynamically collects execution-related data. Harrier is capable of collecting information across different abstraction levels including architectural, system and library APIs. To date, Harrier is 3-4 times faster than comparable information flow tracking systems.Using the collected information, Harrier allows for accurate identification of abnormal program behavior. Preliminary results show a good detection rate with a low rate of false positives. Copyright 2006 ACM.
dc.description.urihttp://libproxy1.nus.edu.sg/login?url=http://dx.doi.org/10.1145/1181309.1181312
dc.sourceScopus
dc.subjectData labeling
dc.subjectInformation flow control
dc.subjectProgram monitoring
dc.subjectRun time environment
dc.typeConference Paper
dc.contributor.departmentSINGAPORE-MIT ALLIANCE
dc.description.doi10.1145/1181309.1181312
dc.description.sourcetitleASID'06: 1st Workshop on Architectural and System Support for Improving Software Dependability
dc.description.page12-17
dc.identifier.isiutNOT_IN_WOS
Appears in Collections:Staff Publications

Show simple item record
Files in This Item:
There are no files associated with this item.

SCOPUSTM   
Citations

9
checked on Nov 26, 2021

Page view(s)

200
checked on Dec 2, 2021

Google ScholarTM

Check

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.