Takamasa Isohara scite author profile

To realize the provision of secure Android applications, this paper proposes an application development and management system, or ADMS for short, that is operated and maintained by application developers and the market manager. ADMS requires (i) Android OS to be equipped with a "security manager", (ii) all application developers to embed a code for event notification into applications to tell every event to the security manager whenever an application launches a security-related event, and (iii) market manager to remove all such applications that don't include the event notification code.

show abstract

LSM-Based Secure System Monitoring Using Kernel Protection Schemes

Isohara

Takemori

Miyake

et al. 2010

View full text Add to dashboard Cite

Monitoring a process and its file I/O behaviors is important for security inspection for a data center server against intrusions, malware infection and information leakage. In the case of the Linux kernel 2.6, a set of hook functions called the Linux Security Module (LSM) has been implemented in order to monitor and control the system calls. By using the LSM we can inspect the activity of unknown malicious processes. However, a sophisticated attacker could breach the kernel configurations using the rootkits. Furthermore since the monitoring results of the malicious process activity are stored as a file on Hard Disk Drive (HDD), it will be easily manipulated by the attacker. In this paper, we propose a secure monitoring scheme that addresses the attacks against the monitoring module and its result for security inspection of the data center server. The monitoring module is implemented as a LSM-based function and protected by the kernel protection technique. The integrity of the monitoring result is guaranteed by using a Mandatory Access Control (MAC) of the Linux kernel and a mechanism of the trusted process invocation. This mechanism can serve as an infrastrucuture of secure inspection platform for data center server because the integrity of the monitoring module and its result is guaranteed.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Takamasa Isohara

Kernel-based Behavior Analysis for Android Malware Detection

Detection of HTTP-GET flood Attack Based on Analysis of Page Access Behavior

A Proposal to Realize the Provision of Secure Android Applications -- ADMS: An Application Development and Management System

LSM-Based Secure System Monitoring Using Kernel Protection Schemes

Contact Info

Product

Resources

About