Verification of Security-Relevant Behavior Model and Security Policy for Model-Carrying Code

This article presents a method of verifying the safety of untrusted mobile code, using the model of security-relevant behaviors of code. This method verifies whether models violate users’ security policies to help users decide which programs to run and which not, and hence ensures the security of users’ systems and devices. Based on the framework of model-carrying code, we make several improvements: using the extended pushdown automaton (EPDA) as the program behavior model, reducing ambiguity in regular expressions over events (REE), proposing a new verification algorithm according to above significant improvements.

[1]  David Kotz,et al.  Mobile agents and the future of the internet , 1999, OPSR.

[2]  Daniel C. DuVarney,et al.  Model-carrying code: a practical approach for safe execution of untrusted applications , 2003, SOSP '03.

[3]  George C. Necula,et al.  Proof-carrying code , 1997, POPL '97.

[4]  R. C. Sekar,et al.  Intrusion detection/prevention using behavior specifications , 2003 .

[5]  Somesh Jha,et al.  Model-based intrusion detection system design and evaluation , 2006 .

[6]  Ville Laurikari,et al.  NFAs with tagged transitions, their conversion to deterministic automata and application to regular expressions , 2000, Proceedings Seventh International Symposium on String Processing and Information Retrieval. SPIRE 2000.

[7]  David A. Wagner,et al.  Mimicry attacks on host-based intrusion detection systems , 2002, CCS '02.

[8]  Giovanni Vigna,et al.  Detecting malicious JavaScript code in Mozilla , 2005, 10th IEEE International Conference on Engineering of Complex Computer Systems (ICECCS'05).