A Binary Agent Technology for COTS Software Integrity Anant Agarwal Richard Schooler.

Slides:



Advertisements
Similar presentations
REST Introduction 吴海生 博克软件(杭州)有限公司.
Advertisements

© 2007 Eaton Corporation. All rights reserved. LabVIEW State Machine Architectures Presented By Scott Sirrine Eaton Corporation.
Seyedehmehrnaz Mireslami, Mohammad Moshirpour, Behrouz H. Far Department of Electrical and Computer Engineering University of Calgary, Canada {smiresla,
More on Processes Chapter 3. Process image _the physical representation of a process in the OS _an address space consisting of code, data and stack segments.
CS4231 Parallel and Distributed Algorithms AY 2006/2007 Semester 2 Lecture 4 Instructor: Haifeng YU.
Remote Procedure Call (RPC)
Trace Analysis Chunxu Tang. The Mystery Machine: End-to-end performance analysis of large-scale Internet services.
Critical Software Security Through Replication and Virtualization A Research Proposal Dennis Edwards Sharon Simmons Arangamanikkannan Manickam.
Threads, SMP, and Microkernels Chapter 4. Process Resource ownership - process is allocated a virtual address space to hold the process image Scheduling/execution-
Virtual Synchrony Jared Cantwell. Review Multicast Causal and total ordering Consistent Cuts Synchronized clocks Impossibility of consensus Distributed.
CMPT 431 Dr. Alexandra Fedorova Lecture VIII: Time And Global Clocks.
Group Communications Group communication: one source process sending a message to a group of processes: Destination is a group rather than a single process.
CS 582 / CMPE 481 Distributed Systems
Demystifying Architectural Styles Nikunj Mehta 3/11/02Demystifying Architectural Styles2 Agenda Architectural Styles The Alfa Project Architectural framework.
2/23/2009CS50901 Implementing Fault-Tolerant Services Using the State Machine Approach: A Tutorial Fred B. Schneider Presenter: Aly Farahat.
Unified Modeling (Part I) Overview of UML & Modeling
Active Messages: a Mechanism for Integrated Communication and Computation von Eicken et. al. Brian Kazian CS258 Spring 2008.
CprE 458/558: Real-Time Systems
Winter Retreat Connecting the Dots: Using Runtime Paths for Macro Analysis Mike Chen, Emre Kıcıman, Anthony Accardi, Armando Fox, Eric Brewer
.NET Mobile Application Development Remote Procedure Call.
Instrumentation and Measurement CSci 599 Class Presentation Shreyans Mehta.
Time, Clocks, and the Ordering of Events in a Distributed System Leslie Lamport (1978) Presented by: Yoav Kantor.
Processes Part I Processes & Threads* *Referred to slides by Dr. Sanjeev Setia at George Mason University Chapter 3.
CSE 486/586, Spring 2013 CSE 486/586 Distributed Systems Logical Time Steve Ko Computer Sciences and Engineering University at Buffalo.
Deterministic Replay of Java Multithreaded Applications Jong-Deok Choi and Harini Srinivasan slides made by Qing Zhang.
Success status, page 1 Collaborative learning for security and repair in application communities MIT & Determina AC PI meeting July 10, 2007 Milestones.
Fault and Intrusion Tolerant (FIT) Event Broker & BFT-SMaRt A. Casimiro, D. Kreutz, A. Bessani, J. Sousa, I. Antunes, P. Veríssimo University of Lisboa,
4/2/03I-1 © 2001 T. Horton CS 494 Object-Oriented Analysis & Design Software Architecture and Design Readings: Ambler, Chap. 7 (Sections to start.
Supporting Operational Team Filippo Lambiente (Progress Software)
Test Loads Andy Wang CIS Computer Systems Performance Analysis.
Advanced Computer Networks Topic 2: Characterization of Distributed Systems.
DARPA Jul A Binary Agent Technology for COTS Software Integrity Anant Agarwal Richard Schooler InCert Software.
Software Engineering Prof. Ing. Ivo Vondrak, CSc. Dept. of Computer Science Technical University of Ostrava
Client Call Back Client Call Back is useful for multiple clients to keep up to date about changes on the server Example: One auction server and several.
Submodule construction in logics 1 Gregor v. Bochmann, University of Ottawa Using First-Order Logic to Reason about Submodule Construction Gregor v. Bochmann.
TAL7011 – Lecture 4 UML for Architecture Modeling.
“Virtual Time and Global States of Distributed Systems”
CSE 486/586 CSE 486/586 Distributed Systems Logical Time Steve Ko Computer Sciences and Engineering University at Buffalo.
A Collaborative Framework for Scientific Data Analysis and Visualization Jaliya Ekanayake, Shrideep Pallickara, and Geoffrey Fox Department of Computer.
© 2006, National Research Council Canada © 2006, IBM Corporation Solving performance issues in OTS-based systems Erik Putrycz Software Engineering Group.
David Adams ATLAS DIAL: Distributed Interactive Analysis of Large datasets David Adams BNL August 5, 2002 BNL OMEGA talk.
Practical Workflow Services Peter Goodman. Agenda  Why Workflow?  The Workflow Runtime  Workflow Services  Windows Server AppFabric  Demo.
Intel Multimedia Extensions and Hyper-Threading Michele Co CS451.
A Binary Agent Technology for COTS Software Integrity Anant Agarwal Richard Schooler InCert Software.
Vertical Profiling : Understanding the Behavior of Object-Oriented Applications Sookmyung Women’s Univ. PsLab Sewon,Moon.
Join us on Twitter: #AU2013 Building Well-Performing Autodesk® AutoCAD® Applications Albert Szilvasy Software Architect.
Source Level Debugging of Parallel Programs Roland Wismüller LRR-TUM, TU München Germany.
1 Channel Access Concepts – IHEP EPICS Training – K.F – Aug EPICS Channel Access Concepts Kazuro Furukawa, KEK (Bob Dalesio, LANL)
A Binary Agent Technology for COTS Software Integrity Anant Agarwal Richard Schooler.
Distributed systems. distributed systems and protocols distributed systems: use components located at networked computers use message-passing to coordinate.
Application Communities Phase 2 (AC2) Project Overview Nov. 20, 2008 Greg Sullivan BAE Systems Advanced Information Technologies (AIT)
CSE 486/586, Spring 2014 CSE 486/586 Distributed Systems Logical Time Steve Ko Computer Sciences and Engineering University at Buffalo.
Test Loads Andy Wang CIS Computer Systems Performance Analysis.
Constraint Framework, page 1 Collaborative learning for security and repair in application communities MIT site visit April 10, 2007 Constraints approach.
Greetings. Those of you who don't yet know me... Today is... and
Andy Wang CIS 5930 Computer Systems Performance Analysis
Parallel and Distributed Simulation Techniques
Enterprise Computing Collaboration System Example
#01 Client/Server Computing
COT 5611 Operating Systems Design Principles Spring 2012
Model Checking for an Executable Subset of UML
Mobile Agents.
Time And Global Clocks CMPT 431.
Operating Systems : Overview
COM, DCOM and Software Components
Operating Systems : Overview
Operating Systems: A Modern Perspective, Chapter 6
COT 5611 Operating Systems Design Principles Spring 2014
Embedded Development Tools
#01 Client/Server Computing
Presentation transcript:

A Binary Agent Technology for COTS Software Integrity Anant Agarwal Richard Schooler

DARPA Aug Agenda n Objectives & Approach n Status n Distributed Traces n Next Steps

DARPA Aug Objectives n “First-fault” diagnosis of application mis-behavior (defects, attacks); forensic tracing. n “Always on”: obviate need to replicate failures/attacks. n Fine-grain execution monitoring. n Focus on: n Deployed applications - not just for development, QA phases. n Inside the application - not just externally- visible behavior.

DARPA Aug Status n Achievements: n Windows, Solaris C/C++ binary instrumentation technology: fine-grain (instruction-level) high- performance (<5% overhead) execution tracing. n “First-fault” diagnosis of application mis-behavior: “always on” monitoring. n Transitioned as commercial product. n Follow-on/seedling project: n Forensic tracing of distributed applications: multi- process, multi-machine. n Exploring self-healing technologies.

DARPA Aug Cross-Thread Interleaving n Previous work: individual processes. n Per-thread history buffers, interleaved through (virtual) timestamps at potential interaction points (thread creation, synch., etc.). Thread 1Thread 2

DARPA Aug Distributed Traces n Extend to multiple related processes: n Real timestamps. n Cross-process interaction points: RPC, other IPC (asynchronous messaging, etc.). n Causality: logical identity. Call A A: entry : call C : return B: entry : : return C: entry : : return Call B

DARPA Aug Requirements n Functional requirements: n When:get control for “interesting” events, ideally synchronously, in right thread context. n What: know what kind of event happened, with identity, other correlative data. n Partial:shouldn’t have to have whole system instrumented. n Performance: fast enough for production.

DARPA Aug Current Implementation n Current status: CoRegisterChannelHook : register IChannelHook interface to receive notifications for client/server send/recv. (Undocumented, but “well-known” :-) n Also can send protocol extension data: causality ids, etc. n Meets goals: When, What, Partial, Performance n Demo…

DARPA Aug Issues n “Partial” problem is hard, so how do we fill in missing events/data? n Infer it (state machine, …) n Other instrumentation technologies: n MTS/COM+ instrumentation events: but looks more oriented to external monitors. Lower-level hooking, i.e. within OLE32.DLL. CoRegisterMessageFilter : only calls, not returns? n “Universal Delegator”: wrap all objects.

DARPA Aug Next Steps - Dist. Traces n Better causality tracking, visualization n Cross-machine tracing: clock skew! n Can we derive sufficient constrains from causality? E.g send/receive ordering. n Explore “partial” problem: n Different instrumentation technologies and inference techniques.

DARPA Aug Self-Healing n Paradigm: o bserve, learn, adapt/heal. n Examples: n “Nanny” process: shoot down and restart. n Garbage collection. n Replace components n... Detection Notification Root- Cause Analysis Self-Healing

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.