A Lightweight Software Control System for Cyber Awareness and Security

被引:0
作者
Co, Michele [1 ]
Coleman, Clark L. [1 ]
Davidson, Jack W. [1 ]
Ghosh, Sudeep [1 ]
Hiser, Jason D. [1 ]
Knight, John C. [1 ]
Nguyen-Tuong, Anti [1 ]
机构
[1] Univ Virginia, Dept Comp Sci, Charlottesville, VA 22904 USA
来源
2009 2ND INTERNATIONAL SYMPOSIUM ON RESILIENT CONTROL SYSTEMS (ISRCS 2009) | 2009年
关键词
Virtual Execution; Software Dynamic Translation; Cyber Security; Cyber Awareness; Diversity; Randomization;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Designing and building software that is free of defects that can be exploited by malicious adversaries is a difficult task. Despite extensive efforts via the application of formal methods, use of automated software engineering tools, and performing extensive pre-deployment testing, exploitable errors still appear in software. The problem of cyber resilience is further compounded by the growing sophistication of adversaries who can marshal substantial resources to compromise systems. This paper describes a novel, promising approach to improving the resilience of software. The approach is to impose a process-level software control system that continuously monitors an application for signs of attack or failure and responds accordingly. The system uses software dynamic translation to seamlessly insert arbitrary sensors and actuators into an executing binary. The control system employs the sensors to detect attacks and the actuators to effect an appropriate response. Using this approach, several novel monitoring and response systems have been developed. The paper describes our lightweight process-level software control system, our experience using it to increase the resilience of systems, and discusses future research directions for extending and enhancing this powerful approach to achieving cyber awareness and resilience.
引用
收藏
页码:13 / 18
页数:6
相关论文
共 15 条
[1]  
ANCKAERT B, 2006, DRM 2006, P47, DOI DOI 10.1145/1179509.11.79521
[2]  
AUCSMITH D, 1996, P 1 INT WORKSH INF H, P317
[3]  
CHANG H, 2002, DRM 01, P160
[4]  
Chow S, 2003, LECT NOTES COMPUT SC, V2595, P250
[5]  
Ebcioglu K, 1997, ACM COMP AR, P26, DOI 10.1145/384286.264126
[6]  
Hiser J. D., 2006, VEE 2006. Proceedings of the Second International Conference on Virtual Execution Environments, P122
[7]  
Hiser JD, 2009, LECT NOTES COMPUT SC, V5429, P164
[8]  
LUK CK, 2005, PLDI 05, P190, DOI [DOI 10.1145/1065010.1065034, DOI 10.1145/1064978.1065034, 10.1145/1064978.1065034]
[9]   Valgrind: A Framework for Heavyweight Dynamic Binary Instrumentation [J].
Nethercote, Nicholas ;
Seward, Julian .
PLDI'07: PROCEEDINGS OF THE 2007 ACM SIGPLAN CONFERENCE ON PROGRAMMING LANGUAGE DESIGN AND IMPLEMENTATION, 2007, :89-100
[10]  
Nethercote N, 2007, VEE'07: PROCEEDINGS OF THE THIRD INTERNATIONAL CONFERENCE ON VIRTUAL EXECUTION ENVIRONMENTS, P65