Self-Signed Executables: Restricting Replacement of Program Binaries by Malware
Source: Carleton University
The authors propose using digital signatures to protect binaries already on the system from modifications by malware. While applicable to any file which is not intended to be modified by an end user, they concentrate on protecting programs and libraries present on the system before infection. Their protection does not rely on a central trusted authority or PKI, and can be incrementally deployed. While presented in the context of the Linux environment, their approach applies to other operating systems such as Windows.