Abstract
It is very common for people across the globe to collaborate on the Internet and intellectual property amongst each other. A serious threat to this form of collaboration can come from “backdoor” attacks from hackers, who can distort the information content. For example, a backdoor attack may replace common operating system functions with malicious ones. A possible precaution against such an attack is to generate a signature database and compare the signature of a system functionality with its golden signature before using the functionality. We present an alternate and novel method to detect Trojan activity. Called time fingerprinting, the method relies on observing a finite number of fingerprints during signature generation and tracing the Trojan fingerprints in system files. We have verified the desired properties using common semi trusted operating system files.
Get full access to this article
View all access options for this article.