Full Program »
Preventing information leaks through shadow execution
PDF
0.3MB
Capizzi Roberto
University of Illinois at Chicago
United States
Antonio Longo
University of Illinois at Chicago
United States
V.N. Venkatakrishnan
University of Illinois at Chicago
United States
A. Prasad Sistla
University of Illinois at Chicago
United States
Abstract:
A concern about personal information confidentiality arises when
any desktop application communicates to the external network, for
example, to its producer’s server to obtain software version updates.
We address this confidentiality concern of end users by an approach
called shadow execution. A key property of shadow execution is that it
allows applications to successfully communicate over the network while
disallowing any information leaks. We describe the design and
implementation of this approach for Windows applications. Experiments
with our prototype implementation indicate that shadow execution
allows applications to execute without inhibiting any behaviors, has
acceptable performance overheads while preventing any information
leaks.