Implementation of a TrustedFlow System Prototype

[redbull]

Hi Guys,

I came across something interesting

http://netgroup.polito.it/netgroup/projects.html

(Yes the same person who orginally started the WinPCap packet capture drivers)

Here I found something very interesting:

Implementation of a TrustedFlow System Prototype

Software, especially in the context of data networks, suffers from some inherent problems. These include modifications, either by a malicious or inadvertent attacker, malware distribution (e.g., viruses and Trojan horses), and the use of malicious software remotely for penetration, intrusion, denial-of-service (DoS), and distributed DoS (DDoS). For example, a rogue user may change parameters of a given protocol (such as TCP) by manipulating the code and gain an unfair advantage in using network bandwidth. Assuring that a software module execution is correct in the sense that the user faithfully executes a given code with defined parameters and constraints is an open problem, which is especially important in the context of computing over communications networks.
TrustedFlow™ is a software solution to the problem of remotely authenticating code of software procedures and protocols during execution, which aims at assuring that the software is not changed prior to and during execution. The solution is achieved by continuously emanating a flow of idiosyncratic signatures. These signatures authenticate the software, from which they have emanated. The idiosyncratic signatures are generated by a secret function that is hidden (e.g., obfuscated) in the software and whose execution is subordinated to the proper execution of the software being authenticated. The flow of signatures is validated at a remote component. This generation and validation method of idiosyncratic signature is called TrustedFlow™ protocol. The TrustedFlow™ protocol is a general add-on protection tool that complements other security tools such as trusted computing platforms, authentication and encryption protocols.