The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Today the technology advancement in communication technology permits a malware author to introduce code obfuscation technique, for example, Application Programming Interface (API) hook, to make detecting the footprints of their code more difficult. A signature-based model such as Antivirus software is not effective against such attacks. In this paper, an API graph-based model is proposed with the...
Most programs related to security communicate with servers through encrypted channels, and sensitive data that are transmitted should be encrypted using a suitable protocol. Transport Layer Security (TLS) is a protocol that encrypts data by exchanging key materials in a secure way. Protocol analyzers in turn decrypt packets to see the raw protocols in plain text. Decryption is not a minor job, and...
API Hook technology is a kind of advanced programming technology, which is used for large number of applications. It is the main method of IAT HOOK and INLINE hooks. This article combines the hard-coded technique, independent code injection, loading rules of windows system to put forward a new INLINE Hook technology.
Security access of enterprise production data file and design file is critical to ensure the enterprise interests. This paper puts forward the method of using windows driver combined with API function to write the virtual equipment articulated driver. The method can track the enterprise internal file access, at the same time make detailed monitoring records to the server. The administrator can monitor...
Recently, How to secure your browser out of malware attacks became the hottest topics on system security. According to the characteristics of Windows systems and drive-by download, this paper designed to eliminate drive-by malware installations present a browser-independent system architecture based on windows kernel file system filter driver and user-level hook technology. By Intercepting the user's...
Digital rights management allows content providers to control the distribution and usage of digital contents for their e-commerce applications. Most of previously proposed digital rights management mechanisms focus on the protection mechanisms for digital contents and pay less attention to the discussion on business models and users' convenience. It will decrease effective distribution for digital...
API interception means a particular way of interrupting API calls and altering the original API execution to the code supplied by the user. This paper introduces how to realize process concealment by Intercepting API, and discusses several kinds of implemental ways of DLL injection and API interception with emphasis, which are the central techniques of the API Hook, then provides the key code for...
In the current quality assurance mechanisms of Web services, it focuses mainly on such generic service attributes as availability, accessibility, reliability, regulatory, security, response time, throughput, latency, price, network bandwidth, reputation, etc. and ignores the important role of domain-related service attributes, related to different application domains. But domain-related attributes...
While buffer overflow problem has been known for a long time, it continues to present a serious security threat. Many solutions to the notorious problem were proposed. However, they had their own drawbacks. This paper presents a solution called API invocation fingerprint detection (AIFD) to eliminate overflow vulnerability with very low performance penalty. The solution is API-hook-based, which does...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.