Full Program »
Malware has been a major security problem in organizations and homes for more than a decade. One common feature of most malware attacks is that at a certain point early in the attack, an exe- cutable is dropped on the system which, when executed, enables the attacker to achieve their goals and maintain control of the compromised machine. In this paper we propose the concept of Personalized Application Whitelisting (PAW) to block all unsolicited for- eign code from executing on a system. We introduce CodeShield, an approach to implement PAW on Windows hosts. CodeShield uses a simple and novel security model, and a new user interaction approach for obtaining security-critical decisions from users. We have implemented CodeShield, demonstrated its security effectiveness, and conducted a user study, having 38 participants run CodeShield on their laptops for 6 weeks. Results from the data demonstrate the usability and promises of our design.
Author(s):
Christopher Gates
Purdue University
United States
Ninghui Li
Purdue University
United States
Jing Chen
Purdue University
United States
Robert Proctor
Purdue University
United States