Rule-based auditing system for software security assurance

We can use information and software of various forms without being restricted for place and time if ubiquitous computing age comes. However, its dysfunction is causing security problems such as outflow of personal information, hacking, diffusion of virus. Specially, dissemination of software that has malicious purpose in ubiquitous computing environment causes serious damage. We have studied about malicious code detection and software vulnerability detection tool to prevent this. But, existent detection tools are not suited to general software, because they are limitative in specification area. In addition, they cannot detect a newly appeared malicious code. We must update pattern of new malicious code, because they use a simple pattern matching technique. In this paper, we propose rule-based auditing system that analyzes structure of target code to solve these problems, define this as rule, and detect malicious codes and software vulnerabilities. Proposed auditing system can construct secure ubiquitous computing environment, because it will be used by a common software audit system that reason about source codes security.