• DocumentCode
    3218789
  • Title

    Assuring the safety of opening email attachments

  • Author

    Balzer, Robert

  • Volume
    2
  • fYear
    2001
  • fDate
    2001
  • Firstpage
    257
  • Abstract
    A wrapper has been developed that monitors the runtime behavior of opened email attachments to ensure that these processes do not do anything harmful. The wrapper detects violations of process-specific rules establishing the acceptable (and safe) behavior of these processes relative to four resources: the file system, the system registry, inter-host communication, and process spawning. The wrapper can determine whether an operation is being performed by the native application or by active content within the email attachment and applies a different (and presumably more stringent) set of rules to the latter. When attempted violations are detected, the user is notified and informed of the severity of the violation. The user determines whether to allow or prohibit the offending operation. The violation, the user´s response, and the initiating email and attachment-obtained from the email client-are logged
  • Keywords
    electronic mail; security of data; data security; email attachments; file system; inter-host communication; process spawning; process-specific rules; runtime behavior monitoring; safety; system registry; wrapper; Animation; Control systems; File systems; Middleware; Monitoring; Operating systems; Runtime; Safety; Security; Switches;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    DARPA Information Survivability Conference & Exposition II, 2001. DISCEX '01. Proceedings
  • Conference_Location
    Anaheim, CA
  • Print_ISBN
    0-7695-1212-7
  • Type

    conf

  • DOI
    10.1109/DISCEX.2001.932177
  • Filename
    932177
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3218789