Please use this identifier to cite or link to this item:
Title: Towards more secure program execution environments
Keywords: Computer security, Intrusion Detection System, Authentication system, Vulnerability management, Public Key Infrastructure, Authentication logic
Issue Date: 31-Mar-2010
Citation: SUFATRIO (2010-03-31). Towards more secure program execution environments. ScholarBank@NUS Repository.
Abstract: The increasing prevalence of cyber attacks is a worrying trend in the Internet age. This thesis aims to enhance host security by providing more secure program execution environments. Our approach is based on securing the "Program Protection Life Cycle (PPLC)" which protects programs throughout their life cycles. Firstly, to mitigate the threat of zero-day attacks, we investigate a system-call monitoring IDS. We show how a non-parameterized Self-based IDS is vulnerable to mimicry attacks. We then improve the IDS by employing a privilege and argument abstraction technique. Furthermore, we propose a general framework which demonstrates how the attack construction approach can apply to various IDS models. Secondly, to ensure vulnerability-free program executions, we propose a lightweight executable authentication scheme and an automated vulnerability management scheme. Thirdly, we address Public Key Infrastructure (PKI) by proposing lightweight and near real-time revocation schemes, and a formalism to reason with modern PKI-based systems and protocols.
Appears in Collections:Ph.D Theses (Open)

Show full item record
Files in This Item:
File Description SizeFormatAccess SettingsVersion 
Sufatrio-HT027281H-PhD-Thesis-Uploaded.pdf1.88 MBAdobe PDF



Page view(s)

checked on Apr 19, 2019


checked on Apr 19, 2019

Google ScholarTM


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.