A Field-Sensitive Security Monitor for Object-Oriented Programs
Linnaeus University, Faculty of Technology, Department of computer science and media technology (CM). (ERES; prosses) ORCID iD: 0000-0002-0377-5595
2021 (English). In: Computers & security (Print), ISSN 0167-4048, E-ISSN 1872-6208, Vol. 108, article id 102349. Article in journal (Refereed). Published
Abstract [en]

In this paper, we propose a sound method to synthesize a permissive monitor using boolean supervisory controller synthesis. The monitor observes a Java program at certain checkpoints, predicts information flow violations, and applies suitable countermeasures to prevent them. We introduce an approach for modeling the heap and information flow via the heap. To improve permissiveness, we train the monitor and remove false positives by executing the program along with its executable model. If a security violation is detected, the user can define sound countermeasures, including declassification, to apply at checkpoints. We prove that the monitored program ensures localized delimited release when information is declassified and termination-insensitive noninterference when there is no declassification. We implement a tool to automate the whole process and generate a monitor. Our method is evaluated by applying it to the DroidBench benchmark and one real-life Android application.

Place, publisher, year, edition, pages
Elsevier, 2021. Vol. 108, article id 102349
Keywords [en]
Language-based security, Information flow control, Controller synthesis, Heap modeling
National Category
Computer Sciences
Research subject
Computer and Information Sciences Computer Science, Computer Science
Identifiers
URN: urn:nbn:se:lnu:diva-103731; DOI: 10.1016/j.cose.2021.102349; ISI: 000677639500014; Scopus ID: 2-s2.0-85109189036; Local ID: 2021; OAI: oai:DiVA.org:lnu-103731; DiVA, id: diva2:1558247
Projects
PROSSES
Available from: 2021-05-28 Created: 2021-05-28 Last updated: 2022-05-20 Bibliographically approved

Authority records

Khakpour, Narges