Authors : Sang-Ann Nam, Jong-Chul Park, Jae-Pyo Park and Chang-Hong Kim
Abstract: The leakage of important files through cyber-attacks begins from the malicious codes installed in the personal computers and there is an increasing need of developing technology to block the activities of malicious codes by detecting and identifying process through integrated analyses. In this study, we suggest the endpoint application program controlling method that enables a more secure protection of PC not only from the malicious codes but also from the exploit attacks based on the vulnerabilities of the OS or the application program by applying various integration of protection technologies such as the white-list-based application program execution control method to verify integrity, media control, registry protection, important file manipulation prevention and the process access inverse connection IP/Port control. Also, we suggest a method of measuring and learning the riskiness of the agent application program before registering the user-proven safe application programs on the white-list. The system with the white-list based endpoint application program control method consists of the following three parts. The agent blocking the execution of unauthorized programs that is not on the white-list or the unidentified programs when running an application program, the event server that delivers the execution or stop orders of the application program and the monitoring console for the policy operation management, white-list registration and the application program management. The realized system blocks the execution of the unauthorized programs that are not registered on the white-list and the unidentified executive files through the execution control agent, when running an application program. For the performance evaluation of the realized system, after installing the verification agent and measuring the memory usage, booting speed, the execution program loading speed at the endpoint and security, the performance comparison with the conventional commercial system was conducted to verify the excellence of the proposed system.
Sang-Ann Nam, Jong-Chul Park, Jae-Pyo Park and Chang-Hong Kim, 2018. Design and Implementation of the Safety Application Execution Control System Using the White-Listing. Journal of Engineering and Applied Sciences, 13: 2992-3000.