SpyShield: Preserving privacy from spy add-ons

Zhuowei Li, Xiao Feng Wang, Jong Youl Choi

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

11 Scopus citations

Abstract

Spyware infections are becoming extremely pervasive, posing a grave threat to Internet users' privacy. Control of such an epidemic is increasingly difficult for the existing defense mechanisms, which in many cases rely on detection alone. In this paper, we propose SpyShield, a new containment technique, to add another layer of defense against spyware. Our technique can automatically block the visions of untrusted programs in the presence of sensitive information, which preserves users' privacy even after spyware has managed to evade detection. It also enables users to avoid the risks of using free software which could be bundled with surveillance code. As a first step, our design of SpyShield offers general protection against spy add-ons, an important type of spyware. This is achieved through enforcing a set of security policies to the channels an add-on can use to monitor its host application, such as COM interfaces and shared memory, so as to block unauthorized leakage of sensitive information. We prototyped SpyShield under Windows XP to protect Internet Explorer and also evaluated it using real plug-ins. Our experimental study shows that the technique can effectively disrupt spyware surveillance in accordance with security policies and introduce only a small overhead.

Original languageEnglish
Title of host publicationRecent Advances in Intrusion Detection - 10th International Symposium, RAID 2007, Proceedings
PublisherSpringer Verlag
Pages295-316
Number of pages22
ISBN (Print)9783540743194
DOIs
StatePublished - 2007
Externally publishedYes
Event10th Symposium on Recent Advances in Intrusion Detection, RAID 2007 - Gold Coast, Australia
Duration: Sep 5 2007Sep 7 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4637 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference10th Symposium on Recent Advances in Intrusion Detection, RAID 2007
Country/TerritoryAustralia
CityGold Coast
Period09/5/0709/7/07

Fingerprint

Dive into the research topics of 'SpyShield: Preserving privacy from spy add-ons'. Together they form a unique fingerprint.

Cite this