Title :
A protection environment for administrators of Windows 2000/XP against malicious program attacks
Author :
Spalka, Adrian ; Winandy, Marcel
Author_Institution :
Dept. of Comput. Sci. III, Bonn Univ., Germany
Abstract :
Malicious program attacks pose a serious threat to operating systems. If an operator can be tricked into running such a program its abilities to manipulate a system are unlimited. This work, which addresses Windows 2000/XP, is a part of our effort of creating a protected execution environment for applications with high security demands. We analyse attacks by malicious programs that manipulate systems components during their installation by an administrator. It turns out that most of these manipulations are likely to remain unnoticed by the human user. However, we show that the operating system´s protection mechanisms can be used to prevent or detect all manipulations that can endanger our protected environment. We combine these mechanisms in a restricted shell, which the administrator should use for the execution of possibly untrustworthy programs.
Keywords :
computer crime; operating systems (computers); security of data; Windows 2000; Windows XP; malicious program attack protection; malicious program attacks; operating systems; protection mechanisms; security demands; Access control; Application software; Computer science; Computer security; Cryptography; Humans; Invasive software; Operating systems; Permission; Protection;
Conference_Titel :
Computer Software and Applications Conference, 2003. COMPSAC 2003. Proceedings. 27th Annual International
Print_ISBN :
0-7695-2020-0
DOI :
10.1109/CMPSAC.2003.1245336
