From STEM to SEAD: Speculative Execution for Automated Defense

USENIX 2007 - 2007 USENIX Annual Technical Conference

Volumn , Issue , 2007, Pages 219-232

  Locasto, Michael E ^a   Stavrou, Angelos ^a   Cretu, Gabriela F ^a   Keromytis, Angelos D ^a  

^a Columbia University ^*  (United States)

Author keywords

[No Author keywords available]

Indexed keywords

APPLICATION PROGRAMS; NETWORK SECURITY; REPAIR; SELF-HEALING MATERIALS;

COMMERCIAL OFF-THE-SHELF SOFTWARES; DEFENCE SYSTEMS; LEGACY APPLICATIONS; PRACTICAL ISSUES; RECENT RESEARCHES; SELF-HEALING; SELF-HEALING SYSTEMS; SOURCE CODES; SPECULATIVE EXECUTION; SYSTEM CRASHES;

SEMANTICS;

EID: 59249094964     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (36)

1. ABADI, M., BUDIU, M., ERLINGSSON, U., AND LIGATTI, J. Control-Flow Integrity: Principles, Implementations, and Applications. In Proceedings of the ACM Conference on Computer and Communications Security (CCS) (2005).
2. BARATLOO, A., SINGH, N., AND TSAI, T. Transparent Run-Time Defense Against Stack Smashing Attacks. In Proceedings of the USENIX Annual Technical Conference (June 2000).
3. BHATKAR, S., CHATURVEDI, A., AND SEKAR., R. Improving Attack Detection in Host-Based IDS by Learning Properties of System Call Arguments. In Proceedings of the IEEE Symposium on Security and Privacy (2006).
4. th ACM SIGOPS European Workshop (Saint-Emilion, France, Sept. 2002).
5. th Workshop on Hot Topics in Operating Systems (HOTOS-IX) (May 2003).
6. th Symposium on Network and Distributed Systems Security (NDSS 2002) (2002).
7. CLARK, D. D., AND WILSON, D. R. A Comparison of Commercial and Military Computer Security Policies. In Proceedings of the IEEE Symposium on Security and Privacy (1987).
8. COSTA, M., CROWCROFT, J., CASTRO, M., AND ROWSTRON, A. Vigilante: End-to-End Containment of Internet Worms. In Proceedings of the Symposium on Systems and Operating Systems Principles (SOSP) (2005).
9. COWAN, C., PU, C., MAIER, D., HINTON, H., WALPOLE, J., BAKKE, P., BEATTIE, S., GRIER, A., WAGLE, P., AND ZHANG, Q. Stackguard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. In Proceedings of the USENIX Security Symposium (1998).
10. CUI, W., PEINADO, M., WANG, H. J., AND LOCASTO, M. E. ShieldGen: Automated Data Patch Generation for Unknown Vulnerabilities with Informed Probing. In Proceedings of the IEEE Symposium on Security and Privacy (May 2007).
11. th Annual ACM SIGPLAN Conference on Object Oriented Programming, Systems, Languages, and Applications (October 2003).
12. FENG, H. H., KOLESNIKOV, O., FOGLA, P., LEE, W., AND GONG, W. Anomaly Detection Using Call Stack Information. In Proceedings of the 2003 IEEE Symposium on Security and Privacy (May 2003).
13. GAO, D., REITER, M. K., AND SONG, D. Gray-Box Extraction of Execution Graphs for Anomaly Detection. In Proceedings of the ACM Conference on Computer and Communications Security (CCS) (2004).
14. th International Symposium on Recent Advances in Intrusion Detection (RAID) (September 2005).
15. HOFMEYR, S. A., SOMAYAJI, A., AND FORREST, S. Intrusion Detection System Using Sequences of System Calls. Journal of Computer Security 6, 3 (1998), 151-180.
16. H TTP://S ER G.CS.D R EXEL.ED U/COSAK/IND EX.SH TM L.
17. th USENIX Security Symposium (August 2002).
18. th International Symposium on Recent Advances in Intrusion Detection (September 2004).
19. th ACM Conference on Computer and Communications Security (CCS) (November 2005).
20. LOCASTO, M. E., CRETU, G. F., STAVROU, A., AND KEROMYTIS, A. D. A Model for Automatically Repairing Execution Integrity. Tech. Rep. CUCS-005-07, Columbia University, January 2007.
21. th Symposium on Network and Distributed System Security (NDSS 2006) (February 2006), pp. 95-106.
22. th International Symposium on Recent Advances in Intrusion Detection (RAID) (September 2005), pp. 82-101.
23. LUK, C.-K., COHN, R., MUTH, R., PATIL, H., KLAUSER, A., LOWNEY, G., WALLACE, S., REDDI, V. J., AND HAZEL-WOOD., K. Pin: Building Customized Program Analysis Tools with Dynamic Instrumentation. In Proceedings of Programming Language Design and Implementation (PLDI) (June 2005).
24. th Symposium on Network and Distributed System Security (NDSS 2006) (February 2006).
25. th Symposium on Network and Distributed System Security (NDSS) (February 2005).
26. th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS X) (October 2002).
27. th USENIX Security Symposium (August 2003), pp. 207-225.
28. QIN, F., TUCEK, J., SUNDARESAN, J., AND ZHOU, Y. Rx: Treating Bugs as Allergies - A Safe Method to Survive Software Failures. In Proceedings of the Symposium on Systems and Operating Systems Principles (SOSP) (2005).
29. th Symposium on Operating Systems Design and Implementation (OSDI) (December 2004).
30. SIDIROGLOU, S., LAADAN, O., KEROMYTIS, A. D., AND NIEH, J. Using Rescue Points to Navigate Software Recovery (Short Paper). In Proceedings of the IEEE Symposium on Security and Privacy (May 2007).
31. SIDIROGLOU, S., LOCASTO, M. E., BOYD, S. W., AND KEROMYTIS, A. D. Building a Reactive Immune System for Software Services. In Proceedings of the USENIX Annual Technical Conference (April 2005), pp. 149-161.
32. th Symposium on Network and Distributed System Security (NDSS) (February 2005).
33. th USENIX Security Symposium (August 2000).
34. th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS-XI) (October 2004).
35. TUCEK, J., LU, S., HUANG, C., XANTHOS, S., ZHOU, Y., NEWSOME, J., BRUMLEY, D., AND SONG, D. Sweeper: A Lightweight End-to-End System for Defending Against Fast Worms. In EuroSys (2007).
36. th ACM Conference on Computer and Communications Security (CCS) (November 2005).