Presentation is loading. Please wait.

Presentation is loading. Please wait.

Collaborative learning for security and repair in application communities MIT site visit April 10, 2007 Welcome.

Published byDylan Evans Modified over 9 years ago

Similar presentations

Presentation on theme: "Collaborative learning for security and repair in application communities MIT site visit April 10, 2007 Welcome."— Presentation transcript:

1 Collaborative learning for security and repair in application communities MIT site visit April 10, 2007 Welcome

2 Why use a community? Increased accuracy: richer learning Amortized risk: learn from failure Shared burden: distribute tasks

3 Community approach 1. Monitor behavior for learning 2. Detect attacks (not just constraint violations) 3. Correlate violations to attacks 4. Enforce the properties via patches (fixes) 5. Evaluate fixes in community, deploy best ones Two instantiations of community approach Constraints approach (repair violations) Genealogy approach (semantic whitelists)

4 Scope of our solution The most important attacks in practice: 1.Execution of malicious code Memory-based (constraints approach) Script-based (constraints approach) Executable-based (genealogy approach) 2.Denial of service (constraints approach)

5 Accomplishments New approach to detection –Fewer false positives than constraint violation Instrumentation of stripped Windows binaries –Variables and program points in binaries Technique for creating LiveShield patches Investigated real exploits Program genealogy approach and experiments

6 Schedule 11:30 - Welcome (Michael Ernst) 11:45 - Overview (Saman Amarasinghe) 12:15 - Lunch, discussion of approach 01:15 - Constraints Approach –Constraint framework (Jeff Perkins) –Instrumentation (Sung Kim) –Constraint and patch generation (Yoav Zibin) –Exploits and demo (Sung Kim and Yoav Zibin) 02:30 - Break 02:45 - Program Genealogy (DNA) Approach (Sam Larsen) 03:15 - Conclusion (Michael Ernst) 04:00 - Break (Lee Badger departs) 04:15 - Discussion of Red Team evaluation with IET 05:00 - IET departs

Download ppt "Collaborative learning for security and repair in application communities MIT site visit April 10, 2007 Welcome."

Similar presentations

Ensuring Operating System Kernel Integrity with OSck By Owen S. Hofmann Alan M. Dunn Sangman Kim Indrajit Roy Emmett Witchel Kent State University College.

Ensuring Operating System Kernel Integrity with OSck By Owen S. Hofmann Alan M. Dunn Sangman Kim Indrajit Roy Emmett Witchel Kent State University College.
Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.

Next Generation Endpoint Security Jason Brown Enterprise Solution Architect McAfee May 23, 2013.
Project Management Shuffle Directions: take the definitions from the following cards and write a song using the tune from “Cupid Shuffle”

Project Management Shuffle Directions: take the definitions from the following cards and write a song using the tune from “Cupid Shuffle”
David Brumley, Pongsin Poosankam, Dawn Song and Jiang Zheng Presented by Nimrod Partush.

David Brumley, Pongsin Poosankam, Dawn Song and Jiang Zheng Presented by Nimrod Partush.
Bug Isolation via Remote Program Sampling Ben Liblit, Alex Aiken, Alice X.Zheng, Michael I.Jordan Presented by: Xia Cheng.

Bug Isolation via Remote Program Sampling Ben Liblit, Alex Aiken, Alice X.Zheng, Michael I.Jordan Presented by: Xia Cheng.
Supervision of Production Computers in ALICE Peter Chochula for the ALICE DCS team.

Supervision of Production Computers in ALICE Peter Chochula for the ALICE DCS team.
SSP Re-hosting System Development: CLBM Overview and Module Recognition SSP Team Department of ECE Stevens Institute of Technology Presented by Hongbing.

SSP Re-hosting System Development: CLBM Overview and Module Recognition SSP Team Department of ECE Stevens Institute of Technology Presented by Hongbing.
Nozzle: A Defense Against Heap-spraying Code Injection Attacks Paruj Ratanaworabhan, Cornell University Ben Livshits and Ben Zorn, Microsoft Research (Redmond,

Nozzle: A Defense Against Heap-spraying Code Injection Attacks Paruj Ratanaworabhan, Cornell University Ben Livshits and Ben Zorn, Microsoft Research (Redmond,
Dynamically Discovering Likely Program Invariants to Support Program Evolution Michael Ernst, Jake Cockrell, William Griswold, David Notkin Presented by.

Dynamically Discovering Likely Program Invariants to Support Program Evolution Michael Ernst, Jake Cockrell, William Griswold, David Notkin Presented by.
Cumulative Violation For any window size  t  Communication-Efficient Tracking for Distributed Cumulative Triggers Ling Huang* Minos Garofalakis.

Cumulative Violation For any window size  t  Communication-Efficient Tracking for Distributed Cumulative Triggers Ling Huang* Minos Garofalakis.
Michael Ernst, page 1 Improving Test Suites via Operational Abstraction Michael Ernst MIT Lab for Computer Science Joint.

Michael Ernst, page 1 Improving Test Suites via Operational Abstraction Michael Ernst MIT Lab for Computer Science Joint.
Code Generation from CHARON Rajeev Alur, Yerang Hur, Franjo Ivancic, Jesung Kim, Insup Lee, and Oleg Sokolsky University of Pennsylvania.

Code Generation from CHARON Rajeev Alur, Yerang Hur, Franjo Ivancic, Jesung Kim, Insup Lee, and Oleg Sokolsky University of Pennsylvania.
Task Scheduler Pro Managing scheduled tasks across the enterprise Joe Vachon Sales Engineer.

Task Scheduler Pro Managing scheduled tasks across the enterprise Joe Vachon Sales Engineer.
LHC Experiment Dashboard Main areas covered by the Experiment Dashboard: Data processing monitoring (job monitoring) Data transfer monitoring Site/service.

LHC Experiment Dashboard Main areas covered by the Experiment Dashboard: Data processing monitoring (job monitoring) Data transfer monitoring Site/service.
Antivirus Software Detects malware (not just viruses) May eliminate malware as well Often sold with firewalls Two approaches: Dictionary-based - Compares.

Antivirus Software Detects malware (not just viruses) May eliminate malware as well Often sold with firewalls Two approaches: Dictionary-based - Compares.
Jarhead Analysis and Detection of Malicious Java Applets Johannes Schlumberger, Christopher Kruegel, Giovanni Vigna University of California Annual Computer.

Jarhead Analysis and Detection of Malicious Java Applets Johannes Schlumberger, Christopher Kruegel, Giovanni Vigna University of California Annual Computer.
Success status, page 1 Collaborative learning for security and repair in application communities MIT & Determina AC PI meeting July 10, 2007 Milestones.

Success status, page 1 Collaborative learning for security and repair in application communities MIT & Determina AC PI meeting July 10, 2007 Milestones.
A NASSCOM ® Initiative DSCI-KPMG Survey 2010 State Of Data Security and Privacy in the Indian Banking Industry Vinayak Godse Director- Data Protection,

A NASSCOM ® Initiative DSCI-KPMG Survey 2010 State Of Data Security and Privacy in the Indian Banking Industry Vinayak Godse Director- Data Protection,
Vulnerability-Specific Execution Filtering (VSEF) for Exploit Prevention on Commodity Software Authors: James Newsome, James Newsome, David Brumley, David.

Vulnerability-Specific Execution Filtering (VSEF) for Exploit Prevention on Commodity Software Authors: James Newsome, James Newsome, David Brumley, David.
Niels Provos and Panayiotis Mavrommatis Google Google Inc. Moheeb Abu Rajab and Fabian Monrose Johns Hopkins University 17 th USENIX Security Symposium.

Niels Provos and Panayiotis Mavrommatis Google Google Inc. Moheeb Abu Rajab and Fabian Monrose Johns Hopkins University 17 th USENIX Security Symposium.

Similar presentations

Ads by Google