Please use this identifier to cite or link to this item:
https://doi.org/10.1145/1181309.1181312
| DC Field | Value | |
|---|---|---|
| dc.title | Hunting Trojan Horses | |
| dc.contributor.author | Moffie, M. | |
| dc.contributor.author | Cheng, W. | |
| dc.contributor.author | Kaeli, D. | |
| dc.contributor.author | Zhao, Q. | |
| dc.date.accessioned | 2014-12-02T08:39:21Z | |
| dc.date.available | 2014-12-02T08:39:21Z | |
| dc.date.issued | 2006 | |
| dc.identifier.citation | Moffie, M.,Cheng, W.,Kaeli, D.,Zhao, Q. (2006). Hunting Trojan Horses. ASID'06: 1st Workshop on Architectural and System Support for Improving Software Dependability : 12-17. ScholarBank@NUS Repository. <a href="https://doi.org/10.1145/1181309.1181312" target="_blank">https://doi.org/10.1145/1181309.1181312</a> | |
| dc.identifier.isbn | 1595935762 | |
| dc.identifier.uri | http://scholarbank.nus.edu.sg/handle/10635/114663 | |
| dc.description.abstract | HTH (Hunting Trojan Horses) is a security framework developed for detecting difficult types of intrusions. HTH is intended as a complement to anti-virus software in that it targets unknown and zero-day Trojan Horses and Backdoors. In order to accurately identify these types of attacks HTH utilizes runtime information available during execution. The information collected includes fine-grained information flow, program execution flow and resources used.In this paper we present Harrier, an Application Security Monitor at the heart of our HTH framework. Harrier is an efficient run-time monitor that dynamically collects execution-related data. Harrier is capable of collecting information across different abstraction levels including architectural, system and library APIs. To date, Harrier is 3-4 times faster than comparable information flow tracking systems.Using the collected information, Harrier allows for accurate identification of abnormal program behavior. Preliminary results show a good detection rate with a low rate of false positives. Copyright 2006 ACM. | |
| dc.description.uri | http://libproxy1.nus.edu.sg/login?url=http://dx.doi.org/10.1145/1181309.1181312 | |
| dc.source | Scopus | |
| dc.subject | Data labeling | |
| dc.subject | Information flow control | |
| dc.subject | Program monitoring | |
| dc.subject | Run time environment | |
| dc.type | Conference Paper | |
| dc.contributor.department | SINGAPORE-MIT ALLIANCE | |
| dc.description.doi | 10.1145/1181309.1181312 | |
| dc.description.sourcetitle | ASID'06: 1st Workshop on Architectural and System Support for Improving Software Dependability | |
| dc.description.page | 12-17 | |
| dc.identifier.isiut | NOT_IN_WOS | |
| Appears in Collections: | Staff Publications | |
Show simple item record
Files in This Item:
There are no files associated with this item.
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.