C. Jang, Jeongseok Kim, H. Jang, Sundo Park, B. Jang, Bong-hoi Kim, E. Choi
{"title":"基于规则的软件安全保障审计系统","authors":"C. Jang, Jeongseok Kim, H. Jang, Sundo Park, B. Jang, Bong-hoi Kim, E. Choi","doi":"10.1109/ICUFN.2009.5174311","DOIUrl":null,"url":null,"abstract":"We can use information and software of various forms without being restricted for place and time if ubiquitous computing age comes. However, its dysfunction is causing security problems such as outflow of personal information, hacking, diffusion of virus. Specially, dissemination of software that has malicious purpose in ubiquitous computing environment causes serious damage. We have studied about malicious code detection and software vulnerability detection tool to prevent this. But, existent detection tools are not suited to general software, because they are limitative in specification area. In addition, they cannot detect a newly appeared malicious code. We must update pattern of new malicious code, because they use a simple pattern matching technique. In this paper, we propose rule-based auditing system that analyzes structure of target code to solve these problems, define this as rule, and detect malicious codes and software vulnerabilities. Proposed auditing system can construct secure ubiquitous computing environment, because it will be used by a common software audit system that reason about source codes security.","PeriodicalId":371189,"journal":{"name":"2009 First International Conference on Ubiquitous and Future Networks","volume":"65 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-06-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":"{\"title\":\"Rule-based auditing system for software security assurance\",\"authors\":\"C. Jang, Jeongseok Kim, H. Jang, Sundo Park, B. Jang, Bong-hoi Kim, E. Choi\",\"doi\":\"10.1109/ICUFN.2009.5174311\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"We can use information and software of various forms without being restricted for place and time if ubiquitous computing age comes. However, its dysfunction is causing security problems such as outflow of personal information, hacking, diffusion of virus. Specially, dissemination of software that has malicious purpose in ubiquitous computing environment causes serious damage. We have studied about malicious code detection and software vulnerability detection tool to prevent this. But, existent detection tools are not suited to general software, because they are limitative in specification area. In addition, they cannot detect a newly appeared malicious code. We must update pattern of new malicious code, because they use a simple pattern matching technique. In this paper, we propose rule-based auditing system that analyzes structure of target code to solve these problems, define this as rule, and detect malicious codes and software vulnerabilities. Proposed auditing system can construct secure ubiquitous computing environment, because it will be used by a common software audit system that reason about source codes security.\",\"PeriodicalId\":371189,\"journal\":{\"name\":\"2009 First International Conference on Ubiquitous and Future Networks\",\"volume\":\"65 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-06-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"7\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 First International Conference on Ubiquitous and Future Networks\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICUFN.2009.5174311\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 First International Conference on Ubiquitous and Future Networks","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICUFN.2009.5174311","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Rule-based auditing system for software security assurance
We can use information and software of various forms without being restricted for place and time if ubiquitous computing age comes. However, its dysfunction is causing security problems such as outflow of personal information, hacking, diffusion of virus. Specially, dissemination of software that has malicious purpose in ubiquitous computing environment causes serious damage. We have studied about malicious code detection and software vulnerability detection tool to prevent this. But, existent detection tools are not suited to general software, because they are limitative in specification area. In addition, they cannot detect a newly appeared malicious code. We must update pattern of new malicious code, because they use a simple pattern matching technique. In this paper, we propose rule-based auditing system that analyzes structure of target code to solve these problems, define this as rule, and detect malicious codes and software vulnerabilities. Proposed auditing system can construct secure ubiquitous computing environment, because it will be used by a common software audit system that reason about source codes security.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
