IEEE Transactions on Dependable and Secure Computing

IEEE Transactions on Dependable and Secure Computing (TDSC) is a bimonthly journal that publishes archival research results focusing on foundations, methodologies, and mechanisms that support the achievement—through design, modeling, and evaluation—of systems and networks that are dependable and secure to the desired degree without compromising performance. Read the full scope of TDSC


Expand your horizons with Colloquium, a monthly survey of abstracts from all CS transactions! Replaces OnlinePlus in January 2017.


From the March-April 2018 issue

Towards Transparent Debugging

By Fengwei Zhang, Kevin Leach, Angelos Stavrou, and Haining Wang

Featured article thumbnail image Traditional malware analysis relies on virtualization or emulation technology to run samples in a confined environment, and to analyze malicious activities by instrumenting code execution. However, virtual machines and emulators inevitably create artifacts in the execution environment, making these approaches vulnerable to detection or subversion. In this paper, we present MalT, a debugging framework that employs System Management Mode, a CPU mode in the x86 architecture, to transparently study armored malware. MalT does not depend on virtualization or emulation and thus is immune to threats targeting such environments. Our approach reduces the attack surface at the software level, and advances state-of-the-art debugging transparency. MalT embodies various debugging functions, including register/memory accesses, breakpoints, and seven stepping modes. Additionally, MalT restores the system to a clean state after a debugging session. We implemented a prototype of MalT on two physical machines, and we conducted experiments by testing an array of existing anti-virtualization, anti-emulation, and packing techniques against MalT. The experimental results show that our prototype remains transparent and undetected against the samples. Furthermore, debugging and restoration introduce moderate but manageable overheads on both Windows and Linux platforms.

download PDF View the PDF of this article      csdl View this issue in the digital library


Editorials and Announcements

Announcements

  • We are pleased to announce that Jaideep Vaidya, the RBS Dean’s Research Professor of Computer Information Systems in the Management Science and Information Systems Department at Rutgers University, has been selected as the new Editor-in-Chief of TDSC starting in 2018.
  • TDSC now offers authors access to Code Ocean. Code Ocean is a cloud-based executable research platform that allows authors to share their algorithms in an effort to make the world’s scientific code more open and reproducible. Learn more or sign up for free.
  • Guest Editor Proposals for IEEE TDSC Special Issues (PDF)

Call for Papers


Editorials


Guest Editorials


Reviewers List


Annual Index


Access recently published TDSC articles

RSS icon Subscribe to the RSS feed of recently published TDSC content

Mail Sign up for e-mail notifications through IEEE Xplore Content Alerts

preprints icon View TDSC preprints in the Computer Society Digital Library


Swimming with Sharks: Security Roundtable