http://dx.doi.org/10.6109/jkiice.2014.18.6.1369

Threats according to the Type of Software Updates and White-List Construction Scheme for Advanced Security  

Lee, Daesung (Department of Computer Engineering, Catholic University of Pusan)
Abstract
In APT attacks, the update server is used as a means of dissemination, the update program runs malicious code, and application data such as anti-virus signatures is vulnerable to manipulation, so identifying SW update threats and devising prevention measures are urgently required. This paper examines national and international SW update structures, exploits of the update process, and response measures. Through the extraction and analysis of the update log of a famous domestic SW product, we aim to select the components necessary for a normal program update in order to identify a white list.
Keywords
Software Update; Threats; White-List; Log Analysis;