Application integrity verification in multi-tier architectures
作者: Omer Tripp , Marco Pistoia , Pietro Ferrara , John Ponzo
DOI:
关键词: Computer hardware 、 Multi tier 、 Static analysis 、 Active phase 、 Software 、 User device 、 Phase (waves) 、 Vulnerability (computing) 、 Computer science
摘要: A method and system of determining a vulnerability software are provided. In setup phase, an authorized application is received from source. Static analysis performed to identify plurality structural characteristics, which stored. During active call user device having target purporting be version the application, during runtime application. One or more characteristics selected characteristics. The requested provide one Upon that report does not match between characteristic identified unsecure.
lens.org 参考文章(21)
Graeme Kerr Harkness, Neil William Stewart, Douglas McPherson Little, Anti-Tamper System Employing Automated Analysis ,(2009)
Osman Abdoul Ismael, Optimized resource allocation for virtual machines within a malware content detection system ,(2013)
Garney Adams, Yuan Xiang Gu, Jack Rong, System and method to protect Java bytecode code against static and dynamic attacks within hostile execution environments ,(2010)
Cedric Fournet, Abhishek Prateek, Jeffrey van Gogh, Benjamin Livshits, Krishnaprasad Vikram, Danny van Velzen, Henricus Johannes Maria Meijer, Automatically Securing Distributed Applications ,(2014)
Yuqun Chen, Ramarathnam Venkatesan, Matthew Cary, Ruoming Pang, Saurabh Sinha, Mariusz H. Jakubowski, Oblivious Hashing: A Stealthy Software Integrity Verification Primitive information hiding. pp. 400- 414 ,(2002) , 10.1007/3-540-36415-3_26
David Bryan Dewey, Software module object analysis ,(2012)
Zheng Bu, Muhammad Amin, Osman Abdoul Ismael, Ashar Aziz, System, apparatus and method for automatically verifying exploits within suspect objects and highlighting the display information associated with the verified exploits ,(2014)
Matthew Patrick Moynahan, Christopher John Wysopal, Simeon Simeonov, Malcolm Wright Lockhart, Christopher James Eng, Assessment and analysis of software security flaws ,(2008)
Srinivas Devadas, Blaise Gassend, Marten van Dijk, Dwaine Clarke, G. Edward Suh, Efficient memory integrity verification and encryption for secure processors international symposium on microarchitecture. pp. 339- 350 ,(2003) , 10.5555/956417.956575
Uday R. Savagaonkar, David M. Durham, Embedding and patching integrity information in a program file having relocatable file sections ,(2006)