Internal Interface Diversification with Multiple Fake Interfaces
| dc.contributor.author | Rauti Sampsa | |
| dc.contributor.author | Leppänen Ville | |
| dc.contributor.organization | fi=ohjelmistotekniikka|en=Software Engineering| | |
| dc.contributor.organization-code | 1.2.246.10.2458963.20.71310837563 | |
| dc.converis.publication-id | 28651179 | |
| dc.converis.url | https://research.utu.fi/converis/portal/Publication/28651179 | |
| dc.date.accessioned | 2022-10-28T12:47:18Z | |
| dc.date.available | 2022-10-28T12:47:18Z | |
| dc.description.abstract | <p>Malware uses knowledge of well-known interfaces to achieve<br />its goals. However, if we uniquely diversify these interfaces<br />in each system, the malware no longer knows the ”language”<br />of a specific system and it becomes much more difficult for<br />malicious programs to operate. This paper extends the idea<br />of interface diversification by presenting a scheme where a<br />fake original interface and multiple other fake interfaces are<br />provided along with the valid interface in order to log the<br />suspicious activity in the system and possibly deceive malware<br />by initiating fallacious interaction with it. We also<br />present a proof-of-concept implementation of this scheme in<br />Linux environment and conduct experiments with it.<br /></p> | |
| dc.format.pagerange | 245 | |
| dc.format.pagerange | 250 | |
| dc.identifier.isbn | 978-1-4503-5303-8 | |
| dc.identifier.olddbid | 178973 | |
| dc.identifier.oldhandle | 10024/162067 | |
| dc.identifier.uri | https://www.utupub.fi/handle/11111/30794 | |
| dc.identifier.urn | URN:NBN:fi-fe2021042718081 | |
| dc.language.iso | en | |
| dc.okm.affiliatedauthor | Rauti, Sampsa | |
| dc.okm.affiliatedauthor | Leppänen, Ville | |
| dc.okm.discipline | 113 Computer and information sciences | en_GB |
| dc.okm.discipline | 113 Tietojenkäsittely ja informaatiotieteet | fi_FI |
| dc.okm.internationalcopublication | not an international co-publication | |
| dc.okm.internationality | International publication | |
| dc.okm.type | A4 Conference Article | |
| dc.publisher.country | United States | en_GB |
| dc.publisher.country | Yhdysvallat (USA) | fi_FI |
| dc.publisher.country-code | US | |
| dc.publisher.place | New York, NY | |
| dc.relation.conference | International Conference on Security of Information and Networks | |
| dc.relation.doi | 10.1145/3136825.3136900 | |
| dc.relation.ispartofseries | ACM International Conference Proceedings Series | |
| dc.source.identifier | https://www.utupub.fi/handle/10024/162067 | |
| dc.title | Internal Interface Diversification with Multiple Fake Interfaces | |
| dc.title.book | SIN '17 Proceedings of the 10th International Conference on Security of Information and Networks | |
| dc.year.issued | 2017 |
Tiedostot
1 - 1 / 1
Ladataan...
- Name:
- Multiple_fake_interfaces.pdf
- Size:
- 183.61 KB
- Format:
- Adobe Portable Document Format
- Description:
- Final draft