Skip Navigation

The Computer Journal 2004 47(5):511-526; doi:10.1093/comjnl/47.5.511
© 2004 by British Computer Society
This Article
Right arrow Full Text (PDF)
Right arrow Alert me when this article is cited
Right arrow Alert me if a correction is posted
Services
Right arrow Email this article to a friend
Right arrow Similar articles in this journal
Right arrow Alert me to new issues of the journal
Right arrow Add to My Personal Archive
Right arrow Download to citation manager
Right arrow Search for citing articles in:
ISI Web of Science (1)
Right arrowRequest Permissions
Google Scholar
Right arrow Articles by Catuogno, L.
Right arrow Articles by Visconti, I.
Right arrow Search for Related Content
Social Bookmarking
Add to CiteULike   Add to Connotea   Add to Del.icio.us  
What's this?

An Architecture for Kernel-Level Verification of Executables at Run Time

Luigi Catuogno1 * and Ivan Visconti2 §

1 Dipartimento di Informatica e Applicazioni, Università degli Studi di Salerno, Via S. Allende, 84081 Baronissi (SA), Italy, 2 Laboratoire d'Informatique, École Normale Supérieure 45, rue d'Ulm, 75230 Paris Cedex 05, France

Digital signatures have been proposed by several researchers as a way of preventing execution of malicious code. In this paper, we propose a general architecture for performing the signature verification as part of the kernel execution process. The proposed architecture does not require any change in the interpreters used to execute code and it can accommodate any executable format. We also report on our implementation for the Linux operating system that focuses on ELF and script executables. Experimental results show that our solution is of potential interest as virtually no slowdown is experienced in the execution.

Received 24 June 2003. Revised 4 November 2003.

* Email: luicat{at}dia.unisa.it

§ Email: ivan.visconti{at}ens.fr


Add to CiteULike CiteULike   Add to Connotea Connotea   Add to Del.icio.us Del.icio.us    What's this?




Disclaimer:
Please note that abstracts for content published before 1996 were created through digital scanning and may therefore not exactly replicate the text of the original print issues. All efforts have been made to ensure accuracy, but the Publisher will not be held responsible for any remaining inaccuracies. If you require any further clarification, please contact our Customer Services Department.