Component-based malicious software engineer intrusion detection

Michael E. Shin, Snehadeep Sethia, Nipul Patel

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

1 Scopus citations

Abstract

These days security-sensitive business application systems are developed and maintained by more than one software engineer some of which may be unethical or malicious. Unethical software engineers can insert malicious code to the systems or maliciously change the existing code in the systems to gain personal benefits. As the result security of the business application systems can be compromised. This paper describes an approach to detecting malicious code created by malicious software engineers in components. This paper is an extension to our previous work detecting malicious code attacking security-sensitive information within a component. In particular this paper focuses on detecting malicious code in a component that intrudes security-sensitive information in different components in an application. For this an application system monitor(s) is designed to detect intrusion between components using the business process encapsulated in the monitor(s). The proposed approach is applied to the ATM system and B2B electronic commerce system to evaluate the performance.

Original languageEnglish
Title of host publicationProceedings - 2011 5th International Conference on Secure Software Integration and Reliability Improvement, SSIRI 2011
Pages21-30
Number of pages10
DOIs
StatePublished - 2011
Event2011 5th International Conference on Secure Software Integration and Reliability Improvement, SSIRI 2011 - Jeju Island, Korea, Republic of
Duration: Jun 27 2011Jun 29 2011

Publication series

NameProceedings - 2011 5th International Conference on Secure Software Integration and Reliability Improvement, SSIRI 2011

Conference

Conference2011 5th International Conference on Secure Software Integration and Reliability Improvement, SSIRI 2011
CountryKorea, Republic of
CityJeju Island
Period06/27/1106/29/11

Keywords

  • Application
  • Component
  • Detection
  • Intrusion
  • Malicious software engineer

Fingerprint Dive into the research topics of 'Component-based malicious software engineer intrusion detection'. Together they form a unique fingerprint.

Cite this