Presentation transcript:

Michael Ernst, page 1
Collaborative Learning for Security and Repair in Application Communities
Performers: MIT and Determina
Michael Ernst, MIT Computer Science & Artificial Intelligence Lab
7 July 2006

Personnel
- MIT: Michael Ernst, Martin Rinard, Jeff Perkins, Stephen McCamant, Shay Artzi, … and others
- Determina: Sandy Wilbourn, Derek Bruening, Saman Amarasinghe, … and others

Vulnerable monocultures
- Problem: Large installed bases of similar software
  - Susceptible to a single catastrophic attack
- Opportunity: Large community of cooperating applications
  - Share information about attacks, errors
  - Experiment with different response and recovery strategies
  - Disseminate successful approaches

Components of our solution
- Technical ideas:
  - Targeted bounds enforcement
  - Data structure consistency learning and enforcement
- Implementation platform
  - Determina Managed Program Execution Engine

Cooperating communities
- Each computer is a sentry on watch for problems
- Each computer is a testbed for evaluating solutions
- Share information about problems and solutions
- The system learns: it performs better over time
- Example:
  - One machine notices an error or attack
  - Generate many distinct patches
  - Each machine loads a randomly chosen patch
  - Discard patches that do not yield acceptable behavior

Targeted bounds enforcement
- Program errors or injected code indicates bounds violations
- Generate patches to eliminate bounds errors
- Evaluate patches on many machines
- Filter out those that do not eliminate problems (or that cause new problems)
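The patch evaluation and filtering loop from the "Cooperating communities" and "Targeted bounds enforcement" slides, as an added Python simulation (not code from the presentation or from Determina's products). The buffer model, the three candidate patches, and all function names are assumptions made for illustration.

```python
import random

BUF_LEN, GUARD, CANARY = 8, 4, 0xAA   # constructed: buffer size, guard bytes placed after it

# Hypothetical candidate patches: each decides how many input bytes the copy may write.
PATCHES = {
    "truncate":   lambda n: min(n, BUF_LEN),                # clamp to the buffer
    "too_loose":  lambda n: n if n <= BUF_LEN + 1 else 0,   # off by one: still overflows
    "too_strict": lambda n: n if n < BUF_LEN else 0,        # rejects a legal full-length input
}

def run_once(patch, data):
    """Run the patched copy on one input; return (bounds_violation, wrong_result)."""
    mem = [0] * BUF_LEN + [CANARY] * GUARD
    for i in range(PATCHES[patch](len(data))):
        mem[i] = data[i]
    violation = mem[BUF_LEN:] != [CANARY] * GUARD           # guard bytes clobbered
    benign = len(data) <= BUF_LEN
    expected = list(data) + [0] * (BUF_LEN - len(data))
    wrong = benign and mem[:BUF_LEN] != expected            # patch broke a legal input
    return violation, wrong

def machine_report(rng):
    """One community member: load a random patch, run its own workload, report."""
    patch = rng.choice(sorted(PATCHES))
    ok = True
    for _ in range(20):
        size = rng.randint(0, BUF_LEN + GUARD)
        data = [rng.randint(1, 0x7F) for _ in range(size)]  # never equals CANARY
        violation, wrong = run_once(patch, data)
        ok = ok and not violation and not wrong
    return patch, ok

def community_filter(machines=60, seed=1):
    """Aggregate reports; keep patches that were tried and never failed anywhere."""
    rng = random.Random(seed)
    tally = {}
    for _ in range(machines):
        patch, ok = machine_report(rng)
        good, bad = tally.get(patch, (0, 0))
        tally[patch] = (good + ok, bad + (not ok))
    kept = sorted(p for p, (good, bad) in tally.items() if good and not bad)
    return kept, tally

if __name__ == "__main__":
    print(community_filter())
```

A single machine's 20-input workload can miss the one input length that exposes a bad patch, which is why the decision is made on the community tally and not on any one report.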

Data structure consistency learning and enforcement
- Monitor data structures in successful runs
- Machine learning generalizes to consistency properties
- Use of a community minimizes over-fitting
- Monitor executions for violations
- Repair corrupt data structures
- Learn which repairs are most successful
- Helps eliminate incorrect constraints
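An added Python example (not the presenters' tooling) of the learn, merge, monitor, and repair steps listed on this slide. It assumes a constraint language of per-field ranges and pairwise `a <= b` orderings; the record layout and the sample states from two machines are constructed.

```python
from itertools import permutations

FIELDS = ("head", "length", "capacity")   # constructed record layout

def learn(samples):
    """Infer per-field ranges and pairwise a <= b properties that held in every sample."""
    ranges = {f: (min(s[f] for s in samples), max(s[f] for s in samples)) for f in FIELDS}
    order = {(a, b) for a, b in permutations(FIELDS, 2)
             if all(s[a] <= s[b] for s in samples)}
    return ranges, order

def merge(models):
    """Community merge: widen ranges, keep only orderings every member observed."""
    ranges = {f: (min(m[0][f][0] for m in models), max(m[0][f][1] for m in models))
              for f in FIELDS}
    order = set.intersection(*(m[1] for m in models))
    return ranges, order

def violations(model, state):
    """Monitor: list every learned constraint the state breaks."""
    ranges, order = model
    out = [f"{f} outside [{lo}, {hi}]" for f, (lo, hi) in ranges.items()
           if not lo <= state[f] <= hi]
    out += [f"{a} > {b}" for a, b in sorted(order) if state[a] > state[b]]
    return out

def repair(model, state):
    """Clamp fields into learned ranges, then lower `a` to `b` for each a <= b."""
    ranges, order = model
    fixed = {f: min(max(state[f], ranges[f][0]), ranges[f][1]) for f in FIELDS}
    for a, b in sorted(order):
        fixed[a] = min(fixed[a], fixed[b])
    return fixed

def rec(head, length, capacity):
    return {"head": head, "length": length, "capacity": capacity}

# Constructed observations from successful runs on two machines.
MODEL_A = learn([rec(0, 1, 16), rec(2, 3, 16), rec(1, 2, 16)])    # small workload
MODEL_B = learn([rec(40, 10, 64), rec(5, 64, 64), rec(0, 0, 64)])
COMMUNITY = merge([MODEL_A, MODEL_B])

LEGIT = rec(40, 10, 64)      # valid state that machine A never saw
CORRUPT = rec(3, 200, 16)    # constructed corruption: length overwritten

if __name__ == "__main__":
    print(violations(MODEL_A, LEGIT))      # over-fitted model raises false alarms
    print(violations(COMMUNITY, LEGIT))
    print(violations(COMMUNITY, CORRUPT), repair(COMMUNITY, CORRUPT))
```

Machine A alone learns the incidental property `head <= length` and narrow ranges, so it flags the legitimate state; the merged model drops those and still catches the corrupted `length`.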

COTS applications
- Pros: Inexpensive, featureful, familiar, widely deployed
- Cons:
  - Contain many (exploitable) bugs
  - No source code or debug symbols

Determina managed execution
- Determina MPEE: Managed Program Execution Environment
- Efficient emulation engine for x86 binaries
- Typically <5% overhead: permits routine use
- API: Arbitrarily patch and modify the executable
- Examine instructions before execution
- Set breakpoints at which to suspend execution
- Robust and scalable (e.g., Microsoft Office apps)

Productization
- Determina’s customers use its security products on commercial Windows applications
- Determina partnership permits test and evaluation in COTS environments
- If successful, integrate into Vulnerability Protection Suite™ product

Why this can succeed (now)
- Technologies (bounds enforcement, constraint learning, and constraint enforcement) have been demonstrated in the lab
- Experiments limited in some ways, but more thorough than typical initial research efforts
- Determina toolset has unique capabilities
- Application community permits faster and more accurate learning, and permits experimentation by reducing the cost of any single failure

Metrics
- Tools for Windows binaries built on top of Determina products (MPEE, LiveShield™, etc.)
- Bounds enforcement detects 95% of injected code attacks and (asymptotically) recovers from 60% of them
- Data structure constraint learning and repair detects 50% of attacks and errors that corrupt data, and recovers from 30% of such errors and attacks

Outline of the presentation
- Introduction/overview
- Previous work on learning and repair of data structure consistency constraints
- DARPA Self-Regenerative Systems program
- Details on learning and repair components
- Determina security products
- Determina monitoring framework
- Plans

Challenges
- Performing whole-program analysis
  - Determina tools are basic-block oriented
- Inferring types from the heap
  - Past work has relied on source code or debug symbols
- Scaling research tools to very large systems
  - Focus on small parts of interest
  - Distribute work among many machines
  - Scale back parts of the algorithms
- New repair algorithms: operate directly on data, tolerate potential conflicts among constraints
- Better tolerate mislabeled inputs to the learning algorithm
- Learning temporal sequences as well as data structure constraints

Activities
- Injected code detection
- Patch generation
- Patch evaluation and filtering
- Constraint learning
- Constraint monitoring
- Constraint repair
- Repair evaluation and filtering
- Infrastructure development
- Evaluation

Phases of the project
- Tool development
- Tool integration
- Experimentation
- Deployment

Deliverables (1)
- Enhanced Client Interface for MPEE (Determina)
- Injected Code Detection (MIT)
- Application State Probing (Determina)
- Learning for Binaries (Determina and MIT)
- LiveShield Constraint Creation Framework (Determina)
- Data Structure Consistency Checking (MIT)
- Patch Generation (MIT)
- LiveShield Coordination Center (Determina)
- Patch Distribution (MIT)
- Hybrid System for Binary Analysis (Determina)

Deliverables (2)
- Proactive Situation Awareness (Determina)
- Vulnerability Analysis (Determina)
- Custom Constraints (MIT)
- Integration, Testing, and Deployment (Determina)
- Alternative Repair Generation (MIT)
- Merging of learning (MIT)
- Type Inference for Heap Structures (MIT)
- Dynamic Constraint Update (MIT)
- Repair Evaluation and Filtering (MIT)
- Patch Testing (MIT)
- Patch Evaluation and Filtering (MIT)