The ability to manipulate specific code in the OS based on known location and known filenames. There are few that don't behave in this manner.
What would happen if, on installation of the OS, an encrypted database, based on your master entropic password, were established that would store every .exe, .com, .dll, .ini.....any and all named component's names of an OS's visible and hidden filenames, and encrypt them and replace those names with the generated lookup table's equivalent hashed random filename.
Even fileless malware depends on the ability to manipulate some code somewhere on the system or registry entry to gain a foothold to perform it's further operations. Even going direct to memory and operating from there still requires some access to the file system....except for those that come as a complete package that would require no local resources but I haven't seen many of those.
Yeah, you'd give up a few CPU cycles in overhead. But essentially no worse than an entire encrypted system, which might benefit from the additional layer of obfuscation.
Flame on. I'm sure there are flaws in this proposal......just curious about a reaction.
What would happen if, on installation of the OS, an encrypted database, based on your master entropic password, were established that would store every .exe, .com, .dll, .ini.....any and all named component's names of an OS's visible and hidden filenames, and encrypt them and replace those names with the generated lookup table's equivalent hashed random filename.
Even fileless malware depends on the ability to manipulate some code somewhere on the system or registry entry to gain a foothold to perform it's further operations. Even going direct to memory and operating from there still requires some access to the file system....except for those that come as a complete package that would require no local resources but I haven't seen many of those.
Yeah, you'd give up a few CPU cycles in overhead. But essentially no worse than an entire encrypted system, which might benefit from the additional layer of obfuscation.
Flame on. I'm sure there are flaws in this proposal......just curious about a reaction.