Annual Computer Security Applications Conference (ACSAC) 2012

Full Program »

CodeShield: Towards Personalized Application Whitelisting

Malware has been a major security problem in organizations and homes for more than a decade. One common feature of most malware attacks is that at a certain point early in the attack, an exe- cutable is dropped on the system which, when executed, enables the attacker to achieve their goals and maintain control of the compromised machine. In this paper we propose the concept of Personalized Application Whitelisting (PAW) to block all unsolicited for- eign code from executing on a system. We introduce CodeShield, an approach to implement PAW on Windows hosts. CodeShield uses a simple and novel security model, and a new user interaction approach for obtaining security-critical decisions from users. We have implemented CodeShield, demonstrated its security effectiveness, and conducted a user study, having 38 participants run CodeShield on their laptops for 6 weeks. Results from the data demonstrate the usability and promises of our design.

Author(s):

Christopher Gates    
Purdue University
United States

Ninghui Li    
Purdue University
United States

Jing Chen    
Purdue University
United States

Robert Proctor    
Purdue University
United States

 

Powered by OpenConf®
Copyright©2002-2014 Zakon Group LLC