{"title":"为Windows 2000/XP系统管理员提供的保护环境,防止恶意程序的攻击","authors":"Adrian Spalka, M. Winandy","doi":"10.1109/CMPSAC.2003.1245336","DOIUrl":null,"url":null,"abstract":"Malicious program attacks pose a serious threat to operating systems. If an operator can be tricked into running such a program its abilities to manipulate a system are unlimited. This work, which addresses Windows 2000/XP, is a part of our effort of creating a protected execution environment for applications with high security demands. We analyse attacks by malicious programs that manipulate systems components during their installation by an administrator. It turns out that most of these manipulations are likely to remain unnoticed by the human user. However, we show that the operating system's protection mechanisms can be used to prevent or detect all manipulations that can endanger our protected environment. We combine these mechanisms in a restricted shell, which the administrator should use for the execution of possibly untrustworthy programs.","PeriodicalId":173397,"journal":{"name":"Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003","volume":"3 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2003-11-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A protection environment for administrators of Windows 2000/XP against malicious program attacks\",\"authors\":\"Adrian Spalka, M. Winandy\",\"doi\":\"10.1109/CMPSAC.2003.1245336\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Malicious program attacks pose a serious threat to operating systems. If an operator can be tricked into running such a program its abilities to manipulate a system are unlimited. This work, which addresses Windows 2000/XP, is a part of our effort of creating a protected execution environment for applications with high security demands. We analyse attacks by malicious programs that manipulate systems components during their installation by an administrator. It turns out that most of these manipulations are likely to remain unnoticed by the human user. However, we show that the operating system's protection mechanisms can be used to prevent or detect all manipulations that can endanger our protected environment. We combine these mechanisms in a restricted shell, which the administrator should use for the execution of possibly untrustworthy programs.\",\"PeriodicalId\":173397,\"journal\":{\"name\":\"Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003\",\"volume\":\"3 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2003-11-03\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CMPSAC.2003.1245336\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CMPSAC.2003.1245336","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
A protection environment for administrators of Windows 2000/XP against malicious program attacks
Malicious program attacks pose a serious threat to operating systems. If an operator can be tricked into running such a program its abilities to manipulate a system are unlimited. This work, which addresses Windows 2000/XP, is a part of our effort of creating a protected execution environment for applications with high security demands. We analyse attacks by malicious programs that manipulate systems components during their installation by an administrator. It turns out that most of these manipulations are likely to remain unnoticed by the human user. However, we show that the operating system's protection mechanisms can be used to prevent or detect all manipulations that can endanger our protected environment. We combine these mechanisms in a restricted shell, which the administrator should use for the execution of possibly untrustworthy programs.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
