By Topic

Design and Performance Evaluation of a Proxy-based Java Rewriting Security System

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Yougang Song ; University of California, Riverside ; Ying Xu ; B. D. Fleisch

Binary rewriting techniques have been developed to allow users to enforce security policies directly on mobile code. However, the performance overheads incurred for improved security, particularly in large organizations with many end-hosts, accentuate the inherent challenges of code rewriting and limit the rate of improvement in these systems. We integrate a binary code rewriter with a web caching proxy and build the security system called PBJARS, a Proxy-based JAva Rewriting System. PBJARS compliments existing JVM security mechanisms by placing another line of security defense in the code path code associated with code downloads. It gives system administrators centralized security control at the level of administrative domains at proxy servers. We evaluated PB-JARS using real Java binary traffic models derived from analyzing real web trace records. Our experimental results show that the overhead added by binary rewriting can be significantly amortized by web caching and PB-JARS adds negligible performance impact on proxy servers.

Published in:

26th IEEE International Conference on Distributed Computing Systems (ICDCS'06)

Date of Conference: