论文信息 - JVMTI-based Model Enforcement on Java Platform for Model-Carrying Code

JVMTI-based Model Enforcement on Java Platform for Model-Carrying Code

Model-carrying code(MCC) is an effective approach to ensuring the security of mobile code and provides a modelbased security framework for execution of untrusted applications. However, it faces several difficulties when applied to the most ubiquitous mobile code platform Java, as a new mechanism should be established in the enforcement phase to monitor program behavior of a thread in the Java virtual machine (JVM) instead of a process on the operating system. To address this problem, we develop a new method of model enforcement based on the JVM tool interface (JVM TI), which introduces few changes to JVM. Since the method keeps compatible with the Java specification requests (JSR), it enjoys a high level of portability. This paper also evaluates efficiency of our method under the assumption that each transition on the model costs a predefined constant period of time.

Xudong Zheng | Chen Sun | Yonglong Wei | Xiaojuan Zheng | Jinglei Ren

[1] Somesh Jha,et al. Model-based intrusion detection system design and evaluation , 2006 .

[2] Pradeep Padala,et al. Playing with ptrace, Part II , 2002 .

[3] Frank Yellin,et al. The Java Virtual Machine Specification , 1996 .

[4] Thomas Huining Feng. Extending Java with Checkpointing , 2005 .

[5] Kymie M. C. Tan,et al. Undermining an Anomaly-Based Intrusion Detection System Using Common Exploits , 2002, RAID.

[6] Bruno Crispo,et al. Extending the Java Virtual Machine to Enforce Fine-Grained Security Policies in Mobile Devices , 2007, Twenty-Third Annual Computer Security Applications Conference (ACSAC 2007).

[7] Daniel C. DuVarney,et al. Model-carrying code: a practical approach for safe execution of untrusted applications , 2003, SOSP '03.

[8] David A. Wagner,et al. Mimicry attacks on host-based intrusion detection systems , 2002, CCS '02.

[9] Hemma Prafullchandra,et al. Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2 , 1997, USENIX Symposium on Internet Technologies and Systems.