
Abstract

The introduction of self-healing capabilities to software systems could offer a way to alter the current, unfavorable imbalance in the software security arms race. Consequently, self-healing software systems have emerged as a research area of particular interest in recent years. Motivated by the inability of traditional techniques to guarantee software integrity and availability, especially against motivated human adversaries, self-healing approaches are meant to complement existing approaches to security.

In this paper, we provide a first attempt to characterize self-healing software systems by surveying some of the existing work in the field. We focus on systems that effect structural changes to the software under protection, as opposed to block-level system reconfiguration. Our goal is to begin mapping the space of software self-healing capabilities. We believe this to be a necessary first step in exploring the boundaries of the research space and understanding the possibilities that such systems enable, as well as determining the risks and limitations inherent in automatic-reaction schemes.

Keywords

Self-healing, reliability, availability, software security



Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Angelos D. Keromytis (Department of Computer Science, Columbia University, New York, USA)
