Constraint Framework, page 1 Collaborative learning for security and repair in application communities MIT site visit April 10, 2007 Constraints approach.


Constraint Framework, page 2: Constraint Framework

Objective: Automatically repair vulnerabilities in COTS software using dynamically learned constraints.

Key features:
- Attack-detector-based constraint checking greatly limits false positives
- Code injection and denial of service (crashes) vulnerabilities are protected
- Other detectors can be added to the framework
- Supports arbitrary x86 binaries
- Repairs are monitored and those that perform poorly are removed

Constraint Framework, page 3: Outline
- Constraint framework overview (Michael Ernst)
- Instrumentation (Sung Kim)
  - Firefox exploit details
  - Instrumentation details
- Learning and repair (Yoav Zibin)
  - Finding invariants with Daikon
  - Creating and installing repair patches with LiveShield

Constraint Framework, page 4: Merge Constraints
[Diagram. Nodes: Monitor, Learn. Local constraints: x < 18, x < 20, x < 14. Merged constraint: x < 20.]

Constraint Framework, page 5: Attack Location
[Diagram. Labels: Attack Location; Enable logging of constraints related to attack. Nodes: Monitor, Learn, Monitor, Security Server.]

Constraint Framework, page 6
[Diagram. Labels: Constraint/Attack Information; Constraint Information. Nodes: Security Server, Monitor, Learn, Monitor, Logging.]

Constraint Framework, page 7
[Diagram. Labels: Constraint/Repair Information; Distribute possible repairs. Nodes: Monitor, Learn, Monitor, Logging, Monitor, Eval Repairs, Security Server.]

Constraint Framework, page 8
[Diagram. Labels: Patch Activation Information; Distribute most successful repair(s). Nodes: Monitor, Learn, Monitor, Logging, Monitor, Eval Repairs, Monitor, Secure, Security Server.]

Constraint Framework, page 9: Learning
- Applications are instrumented throughout the community
  - Only a small percentage of an application is instrumented on each machine
  - Constraints are found locally and then merged centrally
- Constraints are learned at the basic block level
  - Variables from multiple basic blocks in a function can be used
  - Loop invariants and flow dependent invariants can be found
- Built on Determina's client library
  - Low overhead
  - No visible change to client programs
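An added example (not code from the presentation or from Determina or Daikon) of the central merge step: each machine reports the constraints it learned for the program points it instrumented, and the server keeps the weakest constraint consistent with every report. The constraint kinds, program-point names and sample values are constructed assumptions.

```python
# Constraint encoding (assumed): ("lt", bound) means value < bound,
# ("one_of", frozenset) means the value is a member of the set.

def merge_two(a, b):
    """Return the weakest constraint implied by both a and b, or None."""
    if a is None or b is None or a[0] != b[0]:
        return None                      # falsified somewhere or incompatible
    if a[0] == "lt":
        return ("lt", max(a[1], b[1]))   # x < 18 and x < 20 merge to x < 20
    if a[0] == "one_of":
        return ("one_of", a[1] | b[1])   # union of values seen anywhere
    return None

def merge_community(reports):
    """reports: one {program_point: constraint or None} dict per machine.
    A point missing from a report was not instrumented on that machine.
    A point mapped to None was instrumented but no constraint held there."""
    merged = {}
    for report in reports:
        for point, constraint in report.items():
            if point in merged:
                merged[point] = merge_two(merged[point], constraint)
            else:
                merged[point] = constraint
    # Constraints falsified on any machine are dropped from the result.
    return {p: c for p, c in merged.items() if c is not None}

# Constructed sample reports from three machines (hypothetical program points).
LOCAL_REPORTS = [
    {"bb_401a10:x": ("lt", 18),
     "bb_402c40:target": ("one_of", frozenset({0x5000}))},
    {"bb_401a10:x": ("lt", 20), "bb_403000:len": ("lt", 64)},
    {"bb_401a10:x": ("lt", 14),
     "bb_402c40:target": ("one_of", frozenset({0x5040})),
     "bb_403000:len": None},
]

if __name__ == "__main__":
    for point, constraint in sorted(merge_community(LOCAL_REPORTS).items()):
        print(point, constraint)
```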

Constraint Framework, page 10: Monitoring – detect attacks/bugs
- Current detectors
  - Code injection (Determina's Memory Firewall)
  - Crashes (denial of service)
    - Address violations
    - Divide by zero
    - Assertion checks
  - Low overhead, no false positives
- Constraint violations are not an attack!
- Attack locations are sent to central server
- Framework supports additional detectors
  - Unusual code execution
  - Heap consistency checker
  - User complaints

Constraint Framework, page 11: Logging - Correlate constraints and attacks
- Logging is enabled for constraints related to the attack across the community
- Overhead is low
  - Only related constraints are enabled for logging
  - Distribute logging over the community
- Send results to a central server for analysis
- A critical constraint is one that is violated if and only if there is an attack
- Repairs are created for each critical constraint
  - There may be more than one possible repair for each constraint
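An added example (not code from the presentation) of the server-side correlation: given logged runs from the community, it marks a constraint critical only if it was violated in every attack run and in no benign run among the runs that logged it. The record format, constraint ids, sample runs, and the rule that both attack and benign observations are required are assumptions made for this sketch.

```python
def classify_constraints(runs):
    """runs: list of (attack_detected, {constraint_id: violated}) tuples.
    Logging is spread over the community, so each run covers only some
    constraints; a constraint is judged only on the runs that logged it."""
    stats = {}
    for attack, logged in runs:
        for cid, violated in logged.items():
            s = stats.setdefault(
                cid, {"attack": 0, "benign": 0, "fp": 0, "fn": 0})
            s["attack" if attack else "benign"] += 1
            if violated and not attack:
                s["fp"] += 1          # violated although no attack happened
            elif attack and not violated:
                s["fn"] += 1          # held although an attack happened
    verdicts = {}
    for cid, s in stats.items():
        if s["fp"]:
            verdicts[cid] = "violated without attack"
        elif s["fn"]:
            verdicts[cid] = "holds during attack"
        elif s["attack"] == 0 or s["benign"] == 0:
            verdicts[cid] = "insufficient data"
        else:
            verdicts[cid] = "critical"   # violated if and only if attacked
    return verdicts

def critical_constraints(runs):
    return sorted(c for c, v in classify_constraints(runs).items()
                  if v == "critical")

# Constructed sample log: C1 is a call-target set check, C2 and C3 are bounds,
# C4 was only ever logged on a machine that saw no attack.
RUNS = [
    (False, {"C1": False, "C2": False}),
    (False, {"C2": True, "C3": False}),
    (True,  {"C1": True, "C3": False}),
    (True,  {"C1": True, "C2": True}),
    (False, {"C4": False}),
]

if __name__ == "__main__":
    for cid, verdict in sorted(classify_constraints(RUNS).items()):
        print(cid, verdict)
```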

Constraint Framework, page 12: Attack / repair example
- Attack exploits the C++ implementation of a JavaScript system routine
  - The type of the JavaScript argument is not checked
  - System routine casts to a C++ object, calls a virtual method
  - The object has a virtual table entry that points to injected code
- Violated constraint is found at the method call
  - JSRI Address is in a set of legal method addresses
- Possible repairs
  - Ignore the call
  - Call one of the known valid methods
  - Return early
  - No repair

Constraint Framework, page 13: Evaluate repairs
- Server creates patches for each possible repair for each correlated constraint
- Server distributes each patch to a subset of the community
- When a patch is activated (the constraint is violated), the community member evaluates it and sends the results to the central server
  - Is the attack avoided?
  - Does the program exhibit other problems?
- Central server analyzes results
  - The most successful patch is distributed and other patches are abandoned
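An added example (not code from the presentation) of the server's repair selection: community members report each patch activation with the two answers from the slide, and the server keeps the patch with the best success rate. The success definition (attack avoided and no other problems), the minimum-activation threshold and the sample outcomes are constructed assumptions; the slides do not say which repair performed best.

```python
from collections import defaultdict

def pick_repair(reports, min_activations=2):
    """reports: list of (patch_name, attack_avoided, other_problems), one per
    patch activation reported by a community member.
    Returns (best_patch, abandoned_patches); best_patch is None when no
    patch has been activated often enough to be judged."""
    tally = defaultdict(lambda: [0, 0])      # patch -> [successes, activations]
    for patch, avoided, problems in reports:
        tally[patch][1] += 1
        if avoided and not problems:
            tally[patch][0] += 1
    scored = {p: ok / n for p, (ok, n) in tally.items()
              if n >= min_activations}
    if not scored:
        return None, []
    # Highest success rate wins; ties are broken by name for determinism.
    best = max(sorted(scored), key=lambda p: scored[p])
    return best, sorted(p for p in tally if p != best)

# Constructed activation reports for the four repairs listed on page 12.
EVAL_REPORTS = [
    ("return early", True, False),
    ("return early", True, False),
    ("return early", True, False),
    ("ignore call", True, True),
    ("ignore call", True, False),
    ("call valid method", True, True),
    ("call valid method", False, True),
    ("no repair", False, True),
    ("no repair", False, True),
]

if __name__ == "__main__":
    best, abandoned = pick_repair(EVAL_REPORTS)
    print("distribute:", best)
    print("abandon:", abandoned)
```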

Constraint Framework, page 14: Conclusion
- Critical vulnerabilities are addressed
  - Code injection
  - Denial of service
  - Framework can be extended to other detectors
- Vulnerability is closed
  - This attack will fail in the future
- Overhead is low
  - Detector overhead is low
  - Only constraints associated with attacks are logged
- Effective on legacy x86 binaries

Constraint Framework, page 15: Repair risks are low
- Constraints are formed during extensive learning throughout the community
- Only constraint violations that correlate with attacks are checked and repaired
- No guarantee of perfect behavior
  - Alternative is a crash (or worse)
  - Observed good behavior in practice
  - Continue to monitor behavior across the community

Constraint Framework, page 16: Status
- Working
  - Instrumentation of stripped Windows binaries with no debug information
  - Community learning
  - Detection of code injection and crashes
  - Repair generation (partially automated) and distribution
- Future
  - Logging
  - Repair evaluation
  - Integration

Constraint Framework, page 17: Outline
- Constraint framework overview (Michael Ernst)
- Instrumentation (Sung Kim)
  - Firefox exploit details
  - Instrumentation details
- Learning and repair (Yoav Zibin)
  - Finding invariants with Daikon
  - Creating and installing repair patches with LiveShield

Constraint Framework, page 18: Application Communities
- Large installations with similar programs
  - Windows
  - Office
- One vulnerability can affect thousands of machines
- Goal: use the community to automatically detect attacks and repair vulnerabilities
- Approach: infer invariants and make related repairs
  - Use the community to determine which constraints to enforce
  - Use the community to evaluate repairs

Constraint Framework, page 19: Constraint Framework
[Diagram. Labels: Attack, Attacks, Merge. Nodes: Monitor, Learn, Monitor, Log, Monitor, Eval Repairs, Monitor, Secure, Monitor, Server.]

Constraint Framework, page 20: Talks
- Instrumentation for learning (Sung Kim)
  - Firefox exploit details
- Finding constraints (Yoav Zibin)
  - Learning challenges
  - Constraints associated with exploits
  - Patch generation
- Demo
- Summary of exploits and our results

Constraint Framework, page 21: Constraint Framework
- Learn constraints throughout the community
- Detect an attack (code injections, crashes, etc.)
- Correlate constraint violations to attacks
- Create and evaluate fixes
- Deploy the best fix