Non-invasive methods for host certification

Patrick Traynor, Michael Chien, Scott Weaver, Boniface Hicks, Patrick Drew McDaniel

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Determining whether a user or system is exercising appropriate security practices is difficult in any context. Such difficulties are particularly pronounced when uncontrolled or unknown platforms join public networks. Commonly practiced techniques used to vet these hosts, such as system scans, have the potential to infringe upon the privacy of users. In this paper, we show that it is possible for clients to prove both the presence and proper functioning of security infrastructure without allowing unrestricted access to their system. We demonstrate this approach, specifically applied to anti-virus security, by requiring clients seeking admission to a network to positively identify the presence or absence of malcode in a series of puzzles. The implementation of this mechanism and its application to real networks are also explored. In so doing, we demonstrate that it is not necessary for an administrator to be invasive to determine whether a client implements good security practices.

Original languageEnglish (US)
Title of host publication2006 Securecomm and Workshops
DOIs
StatePublished - Dec 1 2006
Event2006 Securecomm and Workshops - Baltimore, MD, United States
Duration: Aug 28 2006Sep 1 2006

Publication series

Name2006 Securecomm and Workshops

Other

Other2006 Securecomm and Workshops
CountryUnited States
CityBaltimore, MD
Period8/28/069/1/06

Fingerprint

Viruses
certification
privacy
infrastructure

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Communication

Cite this

Traynor, P., Chien, M., Weaver, S., Hicks, B., & McDaniel, P. D. (2006). Non-invasive methods for host certification. In 2006 Securecomm and Workshops [4198799] (2006 Securecomm and Workshops). https://doi.org/10.1109/SECCOMW.2006.359539
Traynor, Patrick ; Chien, Michael ; Weaver, Scott ; Hicks, Boniface ; McDaniel, Patrick Drew. / Non-invasive methods for host certification. 2006 Securecomm and Workshops. 2006. (2006 Securecomm and Workshops).
@inproceedings{dd766d57593d4e96bb9216877d80f24e,
title = "Non-invasive methods for host certification",
abstract = "Determining whether a user or system is exercising appropriate security practices is difficult in any context. Such difficulties are particularly pronounced when uncontrolled or unknown platforms join public networks. Commonly practiced techniques used to vet these hosts, such as system scans, have the potential to infringe upon the privacy of users. In this paper, we show that it is possible for clients to prove both the presence and proper functioning of security infrastructure without allowing unrestricted access to their system. We demonstrate this approach, specifically applied to anti-virus security, by requiring clients seeking admission to a network to positively identify the presence or absence of malcode in a series of puzzles. The implementation of this mechanism and its application to real networks are also explored. In so doing, we demonstrate that it is not necessary for an administrator to be invasive to determine whether a client implements good security practices.",
author = "Patrick Traynor and Michael Chien and Scott Weaver and Boniface Hicks and McDaniel, {Patrick Drew}",
year = "2006",
month = "12",
day = "1",
doi = "10.1109/SECCOMW.2006.359539",
language = "English (US)",
isbn = "1424404231",
series = "2006 Securecomm and Workshops",
booktitle = "2006 Securecomm and Workshops",

}

Traynor, P, Chien, M, Weaver, S, Hicks, B & McDaniel, PD 2006, Non-invasive methods for host certification. in 2006 Securecomm and Workshops., 4198799, 2006 Securecomm and Workshops, 2006 Securecomm and Workshops, Baltimore, MD, United States, 8/28/06. https://doi.org/10.1109/SECCOMW.2006.359539

Non-invasive methods for host certification. / Traynor, Patrick; Chien, Michael; Weaver, Scott; Hicks, Boniface; McDaniel, Patrick Drew.

2006 Securecomm and Workshops. 2006. 4198799 (2006 Securecomm and Workshops).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Non-invasive methods for host certification

AU - Traynor, Patrick

AU - Chien, Michael

AU - Weaver, Scott

AU - Hicks, Boniface

AU - McDaniel, Patrick Drew

PY - 2006/12/1

Y1 - 2006/12/1

N2 - Determining whether a user or system is exercising appropriate security practices is difficult in any context. Such difficulties are particularly pronounced when uncontrolled or unknown platforms join public networks. Commonly practiced techniques used to vet these hosts, such as system scans, have the potential to infringe upon the privacy of users. In this paper, we show that it is possible for clients to prove both the presence and proper functioning of security infrastructure without allowing unrestricted access to their system. We demonstrate this approach, specifically applied to anti-virus security, by requiring clients seeking admission to a network to positively identify the presence or absence of malcode in a series of puzzles. The implementation of this mechanism and its application to real networks are also explored. In so doing, we demonstrate that it is not necessary for an administrator to be invasive to determine whether a client implements good security practices.

AB - Determining whether a user or system is exercising appropriate security practices is difficult in any context. Such difficulties are particularly pronounced when uncontrolled or unknown platforms join public networks. Commonly practiced techniques used to vet these hosts, such as system scans, have the potential to infringe upon the privacy of users. In this paper, we show that it is possible for clients to prove both the presence and proper functioning of security infrastructure without allowing unrestricted access to their system. We demonstrate this approach, specifically applied to anti-virus security, by requiring clients seeking admission to a network to positively identify the presence or absence of malcode in a series of puzzles. The implementation of this mechanism and its application to real networks are also explored. In so doing, we demonstrate that it is not necessary for an administrator to be invasive to determine whether a client implements good security practices.

UR - http://www.scopus.com/inward/record.url?scp=50049104590&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=50049104590&partnerID=8YFLogxK

U2 - 10.1109/SECCOMW.2006.359539

DO - 10.1109/SECCOMW.2006.359539

M3 - Conference contribution

AN - SCOPUS:50049104590

SN - 1424404231

SN - 9781424404230

T3 - 2006 Securecomm and Workshops

BT - 2006 Securecomm and Workshops

ER -

Traynor P, Chien M, Weaver S, Hicks B, McDaniel PD. Non-invasive methods for host certification. In 2006 Securecomm and Workshops. 2006. 4198799. (2006 Securecomm and Workshops). https://doi.org/10.1109/SECCOMW.2006.359539