Data Derivation Investigation

Authors

  • Kadam SS, Department of Computer Engineering, SCOE, Sudumbare, Pune, University of Pune
  • Kumbharkar PB, Department of Computer Engineering, SCOE, Sudumbare, Pune, University of Pune

Keywords:

Authentication, malware, cryptography, derivation, networking

Abstract

Malicious software is a major issue in today’s computing world. Such software can silently reside on a user’s computer and easily interact with its computing resources. It is therefore necessary to improve the integrity of the host and its system data. This work is introduced to improve the security and integrity of the host. The mechanism ensures the correct origin, or provenance, of critical system information and prevents malware from using host resources. With this mechanism, the source where a piece of data is generated can be identified. A cryptographic origin approach ensures system properties and system-data integrity at the kernel level. A framework is used for restricting outbound malware traffic. This framework identifies the network activities of malware and can be used as a powerful personal firewall for investigating the outgoing traffic of a host. Specifically, our derivation verification scheme requires outgoing network packets to flow through a checkpoint on a host to obtain proper origin proofs for later verification.

Published

2024-02-26

How to Cite

Kadam, S., & Kumbharkar, P. (2024). Data Derivation Investigation. COMPUSOFT: An International Journal of Advanced Computer Technology, 3(06), 854–859. Retrieved from https://ijact.in/index.php/j/article/view/152

Section

Original Research Article