A Hybrid Multi-level Mechanism for Application Integrity Checking

Xian-hua LIU, Kun-liang RUAN, Chun YANG

Abstract


The protection of the integrity of the computer system, although not able to deal with all security threats, is still essential to enhance the overall security of the system. Integrity check may be a reasonable way to protect application from tampering with low cost. This paper designs a multi-level check mechanism of application integrity with multiple inspection methods, which can better display the advantages of different inspection methods. Hybrid checking method may be utilized for different file integrity checking demands. The paper also demonstrate the implementation of a high-performance Linux page-level integrity checking method, in reference to the design in NetBSD system. Experiment results show that it may better deal with the application file rollback attacks. And on machine with limited resource, for example, thin client, the overhead of integrity checking can be lower than 10%.

Keywords


Integrity checking, Demand paging, Code security.


DOI
10.12783/dtcse/cnsce2017/8891

Full Text:

PDF

Refbacks

  • There are currently no refbacks.