WO2012057605A1 - Method and system to establish a trusted interface in a network environment - Google Patents

Publication number
WO2012057605A1
Authority
WO
WIPO (PCT)
Prior art keywords
interface
trusted
networks
machine
machine readable
Prior art date
Application number
PCT/MY2011/000055
Other languages
French (fr)
Inventor
Setapa Sharipah
Anuar Mat Isa Mohd
Abdullah Nazri
Ab Manan Jamalul-Lail
Abdul Kadir Azimah
Original Assignee
Mimos Berhad
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mimos Berhad

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic
    • H04L63/145 Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55 Detecting local intrusion or implementing counter-measures
    • G06F21/56 Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/566 Dynamic detection, i.e. detection performed at run-time, e.g. emulation, suspicious activities
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/14 Session management
    • H04L67/141 Setup of application sessions

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Virology (AREA)
  • Health & Medical Sciences (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

One embodiment of the present invention provides a method (300) for providing trusted interface in a network. The method comprising steps of providing secure interface by performing integrity measurement on user input device (302), connecting at least one interface in machine of networks to at least one machine readable instruction in virtual machine of networks (304), initializing the at least one interface in networks (306), verifying trusted interface in networks (308), validating trusted interface in networks (310) and executing the at least one machine readable instructions in trusted environment (312). Another embodiment of the present invention is a system (100) for providing trusted interface in networks. The system comprises at least one machine having at least one interface, Trusted Platform Module and User Interface Manager and at least one virtual machine having virtualized Trusted Platform Module and User Interface Manager.

Description

METHOD AND SYSTEM TO ESTABLISH A TRUSTED INTERFACE IN A NETWORK ENVIRONMENT
FIELD OF INVENTION
The present invention relates to a method and system to establish a trusted interface in a cloud network environment for protection against malware attacks.
BACKGROUND ART
Malware or malicious software is designed to access a computer system without the user's permission. Malware robs victims of their personal and proprietary information with the intent of monetizing stolen data through direct use or underground distribution. Malware can take a variety of forms and frequently uses software or program code as a host. The phrase "computer virus" is typically used to describe all types of malware including true viruses. Malware is difficult to detect because it deletes or corrupts files on the local disks or library.
Conventional and currently existing operating systems, for example Windows and Linux, frequently send updates of their system and library files for use by any application. This allows for the insertion of a malicious application through coding via a library file that contains malicious code, such as hook.dll, to make a function call. The malicious applications are installed by a predefined path before execution of the application. Thus, malware does not attack the file. It is embedded as a predefined path in a request to load an executable file known as a function call.
Once the function call enters the user's computer system, the memory may store the function call and the operating system of the computer will unknowingly execute the malicious code found in the function call. Once malware enters the network, it takes control of the application, as malware is stored in a cache that is routinely flushed and installed via a drive-by-download process. The malicious content security threats include screen scrapers, spyware, adware, hook-based key loggers, etc.
The present invention provides a methodology and system which establishes a trusted interface in a network environment for protecting against malware attacks. In addition, the approach of the present invention provides protection of a predefined path through measurement of the predefined path wherein the network system is capable of detecting a change in the direction of the path.
The subject matter claimed herein is not limited to embodiments that solve any disadvantages or that operate only in environments such as those described above. Rather, this background is only provided to illustrate an exemplary technology area where some embodiments described herein may be practiced.
SUMMARY OF THE INVENTION
The present invention provides a method (300) for providing trusted interface in networks. The method comprising steps of providing secure interface by performing integrity measurement on user input devices (302), connecting at least one interface in machine configuration of networks to at least one machine readable instructions in virtual machine of networks (304), initializing the at least one interface in networks (306), verifying trusted interface in networks (308), validating trusted interface in networks (310) and executing the at least one application in trusted environment (312). The said method for verifying trusted interface in networks (308) further comprises steps of identifying at least one current interface and sequences of execution of the current interface (402), collecting information of current interface and sequences of execution of current interface (404), measuring current interface and sequences of execution of current interface (406) and performing hashing of machine readable instructions on current interface (408). Thereafter, output of the machine readable instructions is stored into at least one security device (410).
Another aspect of the present invention provides for initialization of interface in the networks. The method for initializing the interface in networks (306) further comprises identifying trusted interface and sequence of execution of machine readable instructions in networks (502) and storing collected information into trusted storage (504).
Another aspect of the present invention provides for validation of trusted interface in networks. The method for validating trusted interface in networks (310) further comprises the steps of comparing integrity measurement of current interface with integrity measurement stored in trusted storage (602) wherein information indicative of valid integrity measurement executes the at least one machine readable instructions in a trusted environment (604) and information indicative of invalid integrity measurement aborts execution of the machine readable instructions (606).
A further aspect of the present invention is a system (100) for providing trusted interface in networks. The system comprising at least one machine having at least one interface, Trusted Platform Module and User Interface Manager and at least one virtual machine having virtualized Trusted Platform Module and User Interface Manager. The said User Interface Manager having means for providing secure interface by performing integrity measurement on user input device or devices, connecting at least one interface in a machine of the network to at least one application in virtual machine of networks, initializing the at least one interface in networks, verifying trusted interface in networks, validating trusted interface in networks and executing the at least one machine readable instructions in trusted environment.
The present invention consists of features and a combination of parts hereinafter fully described and illustrated in the accompanying drawings where it is understood that various changes in the details may be made without departing from the scope of the invention or sacrificing any of the advantages of the present invention.
BRIEF DESCRIPTION OF ACCOMPANYING DRAWINGS
To further clarify various aspects of some embodiments of the present invention, a more particular description of the invention will be rendered by references to specific embodiments thereof, which are illustrated in the appended drawings. It is appreciated that these drawings depict only typical embodiments of the invention and are therefore not to be considered limiting of its scope. The invention will be described and explained with additional specificity and detail through the accompanying drawings in which:
FIG. 1 illustrates network architecture of the trusted interface in a network environment.
FIG. 2 illustrates the process flow of the network from the client's perspective.
FIG. 3 is a flowchart illustrating a method for providing a trusted interface in a network.
FIG. 4 is a flowchart illustrating a method for verifying the trusted interface in the network.
FIG. 5 is a flowchart illustrating a method for initializing the interface in the network.
FIG. 6 is a flowchart illustrating a method for validating the trusted interface in the network.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
This invention relates to a method and system to establish a trusted interface in a cloud network environment for protection against malware attacks. Hereinafter, the specification will describe the present invention according to the preferred embodiments. It is understood that limiting the description to the preferred embodiments of the invention is merely to facilitate discussion of the present invention without departing from the scope of the accompanying claims.
Reference is first made to FIG. 1 and FIG. 2 respectively. FIG. 1 illustrates network architecture of the trusted interface in a network environment and FIG. 2 illustrates the process flow of the network from the client's perspective. As illustrated in FIG. 1, the system of the network includes at least one machine having at least one interface, Trusted Platform Module and User Interface Manager and at least one virtual machine having virtualized Trusted Platform Module and User Interface Manager. Further, multiple clients may interface with applications (APP) in the network. The present invention is not limited to a single user or machine.
As illustrated in FIG. 2, a user interface (102) is connected to machine readable instructions in a virtual machine, which resides on the cloud. Cloud computing is Internet-based computing where shared resources, software, and information are provided to computers and other devices on demand. The user interface (102) may be a mobile computing device or mobile internet device, such as a mobile phone, radio phone, smartphone, PDA, handheld computer, tablet computer, laptop computer, or notebook computer.
The User Interface Manager (104) provides for secure user interface of the machine readable instructions and the library files (103). Thereafter, User Interface Manager (104) performs an integrity measurement on user input devices through graphical user interface or console application. The present invention can be employed on machine readable instructions such as operating systems (105), (e.g. Windows or Linux). The mechanism implements virtualized hardware platform (106), which is used as root of trust for integrity measurement. The virtualized hardware platform (106) may be Trusted Platform Module (TPM) or virtualized Trusted Platform Module (vTPM). The User Interface Manager (104) connects at least one interface in machine of networks to at least one machine readable instructions in virtual machine of the networks. Thereafter, the User Interface Manager initializes the at least one interface in networks and verifies trusted interface in networks. The User Interface Manager validates trusted interface in networks and executes the at least one application in trusted environment.
The TPM is a machine readable chip designed to enable machines to achieve greater levels of security. The TPM specification is the property of the Trusted Computing Group (TCG), and TPM chips are manufactured by Atmel, Broadcom, Infineon, Sinosun, and STMicroelectronics. TPM provides secure storage, platform measurement, reporting, and platform authentication.
Reference is now being made to FIG. 3, FIG. 4 and FIG. 5 respectively. FIG. 3 is a flowchart illustrating method for providing trusted interface in networks while FIG. 4 is a flowchart illustrating method for verifying trusted interface in the networks and FIG. 5 is a flowchart illustrating method for initializing interface in networks. As illustrated in FIG. 3, integrity measurement on a user input device is first performed to provide a secure interface (302). Secure interface is provided by detecting changes in the direction of paths in networks to protect from malware attacks. Thereafter, secure interface is identified and connects to applications in Virtual Machines that reside on the cloud (302). The said interface in networks is initialized (306) by identifying trusted interface and sequence of execution of machine readable instructions in networks (502). The collected information is then stored into trusted storage (504).
The interface in networks includes executable machine instructions for execution on machines and/or virtual machines. The executable machine instructions are loaded into memory of the machines and/or virtual machines for verification and validation of integrity.
Upon initialization, the networks are verified (308). Verification of the trusted interface in the network comprises steps of identifying at least one current interface and sequences of execution of current interface (402), collecting information of current interface and sequences of execution of current interface (404), measuring current interface and sequences of current interface (406), performing hashing of machine readable instructions on current interface (408). Specifically, hashing generates a number from a string of text. The output of machine readable instruction is stored into security device (410). Security device is Platform Configuration Registers in Trusted Platform Module.
Further, trusted interface in network is validated (310) wherein integrity measurement of current interface is compared with the original initial measurement that is stored in trusted storage (602). As a result, valid integrity measurement will be executed in trusted network environment (604) while invalid integrity measurement aborts execution of the machine readable instructions (606).
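The initialization (502-504), verification (402-410) and validation (602-606) steps described above can be modelled as follows; this is an added example, not part of the patent text. The PCR is a software stand-in rather than a real TPM, and the extend rule, the choice of SHA-256, and all function names, component names and byte strings are assumptions made for the illustration.

```python
import hashlib
import hmac

# Constructed sample data: component names and byte strings are invented for
# this example (hook.dll is the library name used in the background section).
BASELINE = [("ui_manager.dll", b"render+input v1"),
            ("input_driver.dll", b"keyboard v1")]
WITH_EXTRA_LIBRARY = [BASELINE[0], ("hook.dll", b"unexpected library"), BASELINE[1]]
REORDERED = [BASELINE[1], BASELINE[0]]
MODIFIED = [BASELINE[0], ("input_driver.dll", b"keyboard v1 patched")]

PCR_SIZE = 32  # SHA-256 digest length (assumption: the patent names no algorithm)


class SimulatedPCR:
    """Software stand-in for one Platform Configuration Register."""

    def __init__(self):
        self.value = bytes(PCR_SIZE)  # a PCR starts as all zero bytes

    def extend(self, measurement: bytes) -> bytes:
        # TPM-style extend: new = H(old || measurement). The register can only
        # be folded forward, so the final value depends on every measurement
        # and on the order in which the measurements arrived.
        self.value = hashlib.sha256(self.value + measurement).digest()
        return self.value


def measure_component(name: str, code: bytes) -> bytes:
    """Step 408: hash one component of the interface.

    The name is length-prefixed so that (name, code) pairs cannot be shifted
    into each other and still produce the same digest.
    """
    encoded = name.encode("utf-8")
    h = hashlib.sha256()
    h.update(len(encoded).to_bytes(4, "big"))
    h.update(encoded)
    h.update(code)
    return h.digest()


def measure_sequence(sequence) -> bytes:
    """Steps 402-410: measure each component in execution order and fold the
    results into the (simulated) PCR; the final register value is returned."""
    pcr = SimulatedPCR()
    for name, code in sequence:
        pcr.extend(measure_component(name, code))
    return pcr.value


def initialize(trusted_storage: dict, interface_id: str, sequence) -> None:
    """Steps 502-504: record the trusted interface and its execution sequence
    as a reference measurement in trusted storage (a dict stands in here)."""
    trusted_storage[interface_id] = measure_sequence(sequence)


def validate_and_execute(trusted_storage: dict, interface_id: str, sequence, application):
    """Steps 602-606: compare the current measurement with the stored one;
    run the application only on a match, otherwise abort."""
    expected = trusted_storage.get(interface_id)
    current = measure_sequence(sequence)
    if expected is None or not hmac.compare_digest(expected, current):
        return ("aborted", None)          # step 606: nothing is executed
    return ("executed", application())    # step 604


if __name__ == "__main__":
    store = {}
    initialize(store, "ui-102", BASELINE)
    cases = [("baseline", BASELINE), ("extra library", WITH_EXTRA_LIBRARY),
             ("reordered", REORDERED), ("modified", MODIFIED)]
    for label, seq in cases:
        status, _ = validate_and_execute(store, "ui-102", seq, lambda: "app ran")
        print(f"{label:14s} -> {status}")
```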
Thus, the method to establish trusted interface in network environment as described in the present invention includes User Interface Manager at machine readable instructions layer that enables verification and validation of trusted interface by User Interface Manager via hashing of machine readable instructions for preventing malware attacks.
The present invention may be embodied in other specific forms without departing from its essential characteristics. The described embodiments are to be considered in all respects only as illustrative and not restrictive. The scope of the invention is, therefore indicated by the appended claims rather than by the foregoing description. All changes, which come within the meaning and range of equivalency of the claims, are to be embraced within their scope.

Claims

A method (300) for providing trusted interface in a network comprising steps of: providing secure interface by performing integrity measurement on user input device (302);
connecting at least one interface in network machines to at least one machine readable instruction in virtual networks (304);
initializing the at least one interface in networks (306);
verifying trusted interface in networks (308);
validating trusted interface in networks (310); and
executing the at least one application in trusted environment (312) characterized in that
verifying trusted interface in networks (308) further comprises steps of: identifying at least one current interface and sequences of execution of the at least one current interface (402);
collecting information of the at least one current interface and sequences of execution of the at least one current interface (404); measuring the at least one current interface and sequences of execution of the at least one current interface (406);
performing hashing of machine readable instructions on the at least one current interface (408); and
storing output of machine readable instructions into security device (410).
The method according to Claim 1 , wherein providing secure interface by performing integrity measurement on user input device (302) further comprises detecting change in the direction of path in network to protect from malware attacks.
The method according to Claim 1 wherein initializing the at least one interface in networks (306) further comprising steps of:
identifying trusted interface and sequence of execution of application in networks (502); and
storing collected information into trusted storage (504). The method according to Claim 1 wherein validating trusted interface in networks (310) further comprising steps of:
comparing integrity measurement of the at least one current interface with integrity measurement stored in trusted storage (602);
information indicative of valid integrity measurement executes the at least one machine readable instruction in trusted environment else (604);
information indicative of invalid integrity measurement aborts execution of machine readable instruction (606).
The method according to Claim 1 wherein security device is a Platform Configuration Registers in a Trusted Platform Module.
The method according to Claim 1 wherein the at least one interface includes an executable machine instructions for execution on machines and/or virtual machines.
The method according to Claim 6, wherein executable machine instructions are loaded into memory of the machines and/or virtual machines for verification and validation of integrity.
A system (100)for providing trusted interface in networks, the system comprising:
at least one machine having at least one interface, Trusted Platform Module and User Interface Manager; and
at least one virtual machine having virtualized Trusted Platform Module and User Interface Manager.
The system (100) according to Claim 8 wherein User Interface Manager having means for:
providing secure interface by performing integrity measurement on user input device;
connecting at least one interface in a machine of the network to at least one machine readable instruction in virtual machine of networks; initializing the at least one interface in networks;
verifying the trusted interface in networks;
validating trusted interface in networks; and
executing the at least one application in trusted environment.
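
The initialize (502, 504) and validate (602 to 606) steps claimed above, sketched as an added example that is not part of the patent. It assumes SHA-256 and a TPM-style extend operation standing in for a Platform Configuration Register, with an in-memory dict in place of trusted storage; all names and the sample images are constructed for illustration.

```python
import hashlib
import hmac

PCR_SIZE = 32  # bytes in a SHA-256 PCR bank


def pcr_extend(pcr: bytes, data: bytes) -> bytes:
    """TPM-style extend: new = H(old || H(data)). The result depends on order."""
    return hashlib.sha256(pcr + hashlib.sha256(data).digest()).digest()


def measure_sequence(images) -> bytes:
    """Fold the interface images, in execution order, into one PCR-like value."""
    pcr = bytes(PCR_SIZE)  # PCRs start at all zeros
    for image in images:
        pcr = pcr_extend(pcr, image)
    return pcr


class TrustedStorage:
    """Stand-in for trusted storage (504). A real system would seal this."""

    def __init__(self):
        self._golden = {}

    def store(self, name: str, value: bytes) -> None:
        self._golden[name] = value

    def load(self, name: str):
        return self._golden.get(name)


def initialize(storage: TrustedStorage, name: str, images) -> None:
    """Steps 502/504: record the measurement of the known-good sequence."""
    storage.store(name, measure_sequence(images))


def validate_and_execute(storage: TrustedStorage, name: str, images, run):
    """Steps 602-606: compare, then execute on a match or abort otherwise."""
    expected = storage.load(name)
    current = measure_sequence(images)
    # Fail closed: a missing reference value is treated as a mismatch.
    if expected is None or not hmac.compare_digest(current, expected):
        return ("aborted", None)
    return ("executed", run())


# Constructed sample: byte strings standing in for loaded executable images.
SAMPLE_IMAGES = [b"ui-manager-v1", b"input-driver-v1", b"application-v1"]
```

Because the extend operation chains each digest into the next, a changed image and a changed execution order both produce a different final value, so either one causes an abort.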
PCT/MY2011/000055 2010-10-29 2011-05-23 Method and system to establish a trusted interface in a network environment WO2012057605A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
MYPI2010005118A MY154286A (en) 2010-10-29 2010-10-29 Method and system to establish a trusted interface in a network environment
MYPI2010005118 2010-10-29

Publications (1)

Publication Number Publication Date
WO2012057605A1 (en) 2012-05-03

Family

ID=45994136

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/MY2011/000055 WO2012057605A1 (en) 2010-10-29 2011-05-23 Method and system to establish a trusted interface in a network environment

Country Status (2)

Country Link
MY (1) MY154286A (en)
WO (1) WO2012057605A1 (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080162932A1 (en) * 2006-12-29 2008-07-03 Lenovo (Singapore) Pte Ltd. Authenticating suspect data using key tables
US20090077631A1 (en) * 2007-09-13 2009-03-19 Susann Marie Keohane Allowing a device access to a network in a trusted network connect environment
US20090300353A1 (en) * 2008-04-30 2009-12-03 Viasat, Inc. Trusted network interface

Also Published As

Publication number Publication date
MY154286A (en) 2015-05-29

Similar Documents

Publication Publication Date Title
Schwarz et al. Practical enclave malware with Intel SGX
US10409978B2 (en) Hypervisor and virtual machine protection
US8713631B1 (en) System and method for detecting malicious code executed by virtual machine
Zaddach et al. Implementation and implications of a stealth hard-drive backdoor
US9530001B2 (en) System and method for below-operating system trapping and securing loading of code into memory
US8966624B2 (en) System and method for securing an input/output path of an application against malware with a below-operating system security agent
US20200372129A1 (en) Defending Against Speculative Execution Exploits
US9336390B2 (en) Selective assessment of maliciousness of software code executed in the address space of a trusted process
US9087199B2 (en) System and method for providing a secured operating system execution environment
US9262246B2 (en) System and method for securing memory and storage of an electronic device with a below-operating system security agent
KR101247022B1 (en) Systems and methods for verifying trust of executable files
Black et al. A survey of similarities in banking malware behaviours
US20130312099A1 (en) Realtime Kernel Object Table and Type Protection
US20110307711A1 (en) Device booting with an initial protection component
US9396329B2 (en) Methods and apparatus for a safe and secure software update solution against attacks from malicious or unauthorized programs to update protected secondary storage
US20220006637A1 (en) File system supporting remote attestation-based secrets
US8640242B2 (en) Preventing and detecting print-provider startup malware
Zheng et al. Android plugin becomes a catastrophe to Android ecosystem
EP1902384B1 (en) Securing network services using network action control lists
RU2587426C2 (en) System and method of detecting directed attack on corporate infrastructure
Tidy et al. An assessment of the contemporary threat posed by network worm malware
WO2012057605A1 (en) Method and system to establish a trusted interface in a network environment
Krishnan et al. PAM: process authentication mechanism for protecting system services against malicious code attacks
Song et al. TZ-IMA: Supporting Integrity Measurement for Applications with ARM TrustZone
Wang et al. Coprocessor-based hierarchical trust management for software integrity and digital identity protection

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 11836690

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 11836690

Country of ref document: EP

Kind code of ref document: A1