| With the rapid development of Internet, the threats of system and data security vulnerability in software systems are becoming increasingly serious, especially those posed by the malicious software, such as Trojan horse. The traditional solution for most computer users is downloading and installing security patches, and do endlessly analyze on characteristics of Trojan and virus for protection. In this article, I'll present a new anti-trojan technology to eliminate those threats. This experimental prototype do not concern about whether the running application is trojan horse or virus, but the system and data security protection on the base of the underlying data. This prototype monitors the running application, analyzes its information flow to limit them under specific strategy.This experimental prototype follows the Trusted Computing Base (TCB) architecture. It is implemented as a system based on Java Virtual Machine that adds data label to Java Virtual Machine with object granularity by using the dynamic bytecode instrument technology. This paper will explore the anti-trojan technology, which is based on the analysis of Java bytecode information flow to protect the data security.The prototype considers objects as protection unit in our design. Therefore, the access control tags are associated with objects. The dynamic bytecode instrument modifies the class files of the running applications, rather than the class files on disk. The access control tags, namely data labels, are added to objects of running applications dynamically, and separated automatically before the termination of the objects.The prototype strictly separates the enforcement mechanism of Java Virtual Machine from its specific polices which we can specify flexibly to inspect and control the Java application. Moreover, our implementation is independent of any specific Java Virtual Machine, and will work with any Java Virtual Machine that supports the Java Virtual Machine Tools Interface (JVMTI). |
PDF Full Text Request