Presentation is loading. Please wait.

Presentation is loading. Please wait.

Università degli Studi di Trento Trusted Flow for Malware Protection F. Massacci (DIT - University of Trento - www.dit.unitn.it)

Published byTobias Cunningham Modified over 8 years ago

Similar presentations

Presentation on theme: "Università degli Studi di Trento Trusted Flow for Malware Protection F. Massacci (DIT - University of Trento - www.dit.unitn.it)"— Presentation transcript:

1 Università degli Studi di Trento Trusted Flow for Malware Protection F. Massacci (DIT - University of Trento - www.dit.unitn.it)

2 Università degli Studi di Trento Observation on Trust Boundaries Cheating Husbands and other stories (Fagin et al.) Corporate Network looks like an Harem –Different hierachies of husbands (each with his privileges and precious jewelry) –Bulky Guards at the door –Spies and mail surveilance and censorship –Bedchamber boys Enter Laptops and mobility… –Allow husbands to have sex in the (internet) bazar –And then come back to harem carring malware with them… –They can become zombies controlled from outside… Something clearly wrong here…

3 Università degli Studi di Trento Trusted Flow for Malware Solution: Cut mobility, tighten entrance rule –Not really possible –So we must allow sex in the bazar Solution: Check behavior of husband once inside Option 1: check clothes are untainted –Digitally signed assemblies/software (eg.NET) –Not very good: show clean clothes at the door, use completely dirty dresses (eg latest rootkit, recent IAT attack on.NET by UniTN) Option 2: trusted flow for Malware

4 Università degli Studi di Trento Implementing Trusted Flow for Malware Inoculation of Vaccines into husbands –Injecting trusted flow into important sw once inside –Give husbands obfuscated drinks on wedding day –if vaccine spots keep appearing (trusted flow) fine –else repudiate husband (isolate laptop from network) Unfortunately… –Smart husbands can always reverse engineer software –Can tell original drink from inoculated drink –Can make their own anti-vaccines: give spots even if misbehaving

5 Università degli Studi di Trento Implementing Trusted Flow for Malware 2 Fortunately… –Normal husbands can only buy ready-made (automated) anti- vaccines from the bazar –Smart husbands aren’t many and have better things to do than making anti-vaccines (or having sex in the bazar for that matter) Objective: keep normal husbands from misbehaving –Vaccines should be unique to each husband –Vaccines should require human intervention for removal or bypassing

Download ppt "Università degli Studi di Trento Trusted Flow for Malware Protection F. Massacci (DIT - University of Trento - www.dit.unitn.it)"

Similar presentations

1 The Project of this year Mariano Ceccato FBK - Fondazione Bruno Kessler

1 The Project of this year Mariano Ceccato FBK - Fondazione Bruno Kessler
Online Learning and the Laptop Initiative Hidden Valley High School Roanoke County Public Schools 2006.

Online Learning and the Laptop Initiative Hidden Valley High School Roanoke County Public Schools 2006.
Don’t Be Tricked Beware of Zombies. Malicious zombie code infects computer Internet.

Don’t Be Tricked Beware of Zombies. Malicious zombie code infects computer Internet.
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Supplied on \web site. on January 10 th, 2008 Customer Security Management Reducing Internet fraud June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited.

Supplied on \web site. on January 10 th, 2008 Customer Security Management Reducing Internet fraud June 1 st, 2008 eSAC Walk Thru © Copyright Prevx Limited.
ENG 101 MOCK EXAM ANSWERS. PART ONE – LISTENING & NOTE-TAKING Listening Task 1 - (5 x 3pts = 15pts) 1. What do people say about test scores? (part A)

ENG 101 MOCK EXAM ANSWERS. PART ONE – LISTENING & NOTE-TAKING Listening Task 1 - (5 x 3pts = 15pts) 1. What do people say about test scores? (part A)
CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.

CHAPTER 2 KNOW YOUR VILLAINS. Who writes it: Malware writers vary in age, income level, location, social/peer interaction, education level, likes, dislikes.
PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”

PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”
By: Carolyn Hundley 2009. Science Safety Contract I will act responsibly at all times in the laboratory. I will follow all instructions about laboratory.

By: Carolyn Hundley Science Safety Contract I will act responsibly at all times in the laboratory. I will follow all instructions about laboratory.
AVG 8.5 Product Line Welcome to a safe world …. | Page 2 Contents  Components Overview  Product Line Overview  AVG 8.0 Boxes.

AVG 8.5 Product Line Welcome to a safe world …. | Page 2 Contents  Components Overview  Product Line Overview  AVG 8.0 Boxes.
Bring Your On Device. What is BYOD? Students bring an electronic device such as smart phone, laptop, I-Pad, etc to school for: Researching information-

Bring Your On Device. What is BYOD? Students bring an electronic device such as smart phone, laptop, I-Pad, etc to school for: Researching information-
Safe IT – Protect your computer and Family from unwanted programs viruses and websites.

Safe IT – Protect your computer and Family from unwanted programs viruses and websites.
ROOTKIT VIRUS by Himanshu Mishra Points to be covered Introduction History Uses Classification Installation and Cloaking Detection Removal.

ROOTKIT VIRUS by Himanshu Mishra Points to be covered Introduction History Uses Classification Installation and Cloaking Detection Removal.
All rights reserved © 2005, Alcatel Risk Awareness in Enterprise IT Processes and Networks  Dr. Stephan Rupp.

All rights reserved © 2005, Alcatel Risk Awareness in Enterprise IT Processes and Networks  Dr. Stephan Rupp.
Vijay krishnan Avinesh Dupat  Collection of tools (programs) that enable administrator-level access to a computer or computer network.  The main purpose.

Vijay krishnan Avinesh Dupat  Collection of tools (programs) that enable administrator-level access to a computer or computer network.  The main purpose.
China Mobile Leader’s Programme Mobile Technology Jon Crowcroft +gmail, hotmail +441223763633.

China Mobile Leader’s Programme Mobile Technology Jon Crowcroft +gmail, hotmail
Engineering Secure Software. Lottery Story A Threat We Can’t Ignore  Documented incidents are prevalent Carnegie Melon’s SEI has studied over 700 cybercrimes.

Engineering Secure Software. Lottery Story A Threat We Can’t Ignore  Documented incidents are prevalent Carnegie Melon’s SEI has studied over 700 cybercrimes.
Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.

Scams and Schemes. Today’s Objective I can understand what identity theft is and why it is important to guard against it, I can recognize strategies that.
Copyright, Designs and Patents Act. Introduction You have spent three months working on your coursework. It is absolutely brilliant,, you just know that.

Copyright, Designs and Patents Act. Introduction You have spent three months working on your coursework. It is absolutely brilliant,, you just know that.
DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?

DIGITAL CITIZENSHIP 6 TH – 8 TH UNIT 1 LESSON 3 SCAMS & SCHEMES What is identity theft, and how can you protect yourself from it?

Similar presentations

Ads by Google