International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed

International Journal of Network Security & Its Applications (IJNSA) - ERA, WJCI Indexed

ISSN: 0974 - 9330 (Online); 0975 - 2307 (Print)

Webpage URL: https://airccse.org/journal/ijnsa.html

Runtime Potential Updater File(S) Identification: Does Your Software Updates Automatically With Application Whitelisting?

Janardhan Reddy, Amit Kumar Jha and Sandeep Romana, Centre for Development of Advanced Computing, India

Abstract

One of the major hurdles to widespread usage of application whitelisting with today’s dynamically changing and updating software’s; is the static environment it creates that leaves little scope for changes to the system once whitelisting is enforced. The de-facto method to allow for trusted changes to system is to make selected executable files as trusted and allow changes made to the system through these files even when whitelisting is enforced. The problem with this is; difficulty the user faces in identifying the updater files for third party software. In this paper, we present the method to identify the potential updater files for the third party software in a Microsoft Windows environment. Further we test the method for commonly used third party software, presenting the results of experimentation and effectiveness of our approach.

Keywords

Application Whitelisting, Updater Identification

Original Source URL: https://airccse.org/journal/nsa/7115nsa04.pdf

Volume URL: https://airccse.org/journal/jnsa15_current.html