skip to main content
10.1145/3338502.3359761acmconferencesArticle/Chapter ViewAbstractPublication PagesccsConference Proceedingsconference-collections
research-article
Public Access

Inuring: Live Attacker-Guided Repair

Published: 15 November 2019 Publication History

Abstract

We present inuring, an attack-guided repair method for software vulnerabilities in n-variant systems. N-variant systems detect attacks that cause divergence in variant behavior, converting severe vulnerabilities (such as those that enable remote code execution) into less severe denial-of-service vulnerabilities. Inuring is a general technique for n-variant systems that uses information gleaned from an attack to perform a "live'' field repair of the underlying vulnerability, thereby obviating the denial-of-service attack. We present a case study of the use of inuring to protect against a powerful class of memory-corruption exploits in the Apache web server. Our demonstration leverages dappling, a new technique for provably secure memory layout in n-variant systems. With inuring and dappling we are able to guarantee strong protection and remediation for a class of write-what-where vulnerabilities in n-variant systems. Our case study illustrates the efficacy and efficiency of these techniques.

References

[1]
Clark Barrett, Aaron Stump, Cesare Tinelli, Sascha Boehme, David Cok, David Déharbe, Bruno Dutertre, Pascal Fontaine, Vijay Ganesh, Alberto Griggio, Jim Grundy, Paul Jackson, Albert Oliveras, Sava Krsti, Michal Moskal, Leonardo De Moura, Roberto Sebastiani, and Jochen Hoenicke. The smt-lib standard: Version 2.0 draft. Technical report, 2010.
[2]
Michele Co, Jack W Davidson, Jason D Hiser, John C Knight, Anh Nguyen-Tuong, Westley Weimer, Jonathan Burket, Gregory L Frazier, Tiffany M Frazier, Bruno Dutertre, et al. Double helix and raven: A system for cyber fault tolerance and recovery. In Proceedings of the 11th Annual Cyber and Information Security Research Conference, page 17. ACM, 2016.
[3]
Benjamin Cox, David Evans, Adrian Filipi, Jonathan Rowanhill, Wei Hu, Jack Davidson, John Knight, Anh Nguyen-Tuong, and Jason Hiser. N-variant systems: a secretless framework for security through diversity. In USENIX Security Symposium, 2006.
[4]
Emily H Halili. Apache JMeter: A practical beginner's guide to automated testing and performance measurement for your websites. Packt Publishing Ltd, 2008.
[5]
Petr Hosek and Cristian Cadar. Varan the unbelievable: An efficient n-version execution framework. In ACM SIGPLAN Notices, volume 50, pages 339--353. ACM, 2015.
[6]
Hong Hu, Shweta Shinde, Sendroiu Adrian, Zheng Leong Chua, Prateek Saxena, and Zhenkai Liang. Data-oriented programming: On the expressiveness of non-control data attacks. In Security and Privacy (SP), 2016 IEEE Symposium on, pages 969--986. IEEE, 2016.
[7]
Koen Koning, Herbert Bos, and Cristiano Giuffrida. Secure and efficient multi-variant execution using hardware-assisted process virtualization. In 2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), pages 431--442. IEEE, 2016.
[8]
Fan Long, Stelios Sidiroglou-Douskos, and Martin Rinard. Automatic runtime error repair and containment via Recovery Shepherding. In Proceedings of the 35th ACM SIGPLAN Conference on Programming Language Design and Implementation, PLDI '14, pages 227--238, New York, NY, USA, 2014. ACM.
[9]
Kangjie Lu, Meng Xu, Chengyu Song, Taesoo Kim, and Wenke Lee. Stopping memory disclosures via diversification and replicated execution. IEEE Transactions on Dependable and Secure Computing, 2018.
[10]
Hasabnis Niranjan, Misra Ashish, and R.Sekar. Light-weight bounds checking. In Proceedings of the Tenth International Symposium on Code Generation and Optimization (CGO), Proceedings of the Tenth International Symposium on Code Generation and Optimization (CGO), pages 135--144, San Jose, California, 2012. ACM. 2259034.
[11]
Lu'is Pina, Anastasios Andronidis, and Cristian Cadar. Freeda: deploying incompatible stock dynamic analyses in production via multi-version execution. System, 9(10):11, 2018.
[12]
Konstantin Serebryany, Derek Bruening, Alexander Potapenko, and Dmitriy Vyukov. AddressSanitizer: A fast address sanity checker. In USENIX Annual Technical Conference, pages 309--318, 2012.
[13]
Stelios Sidiroglou, Oren Laadan, Carlos Perez, Nicolas Viennot, Jason Nieh, and Angelos D. Keromytis. Assure: automatic software self-healing using rescue points. In Architectural Support for Programming Languages and Operating Systems, pages 37--48, 2009.
[14]
Anil Somayaji and Stephanie Forrest. Automated response using system-call delay. In Usenix Security Symposium, pages 185--197, 2000.
[15]
Matthew M Williamson. Throttling viruses: Restricting propagation to defeat malicious mobile code. In 18th Annual Computer Security Applications Conference, 2002. Proceedings., pages 61--68. IEEE, 2002.
[16]
Meng Xu, Kangjie Lu, Taesoo Kim, and Wenke Lee. Bunshin: compositing security mechanisms through diversification. In 2017 $$USENIX$$ Annual Technical Conference (USENIXATC 17), pages 271--283, 2017.

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
FEAST'19: Proceedings of the 3rd ACM Workshop on Forming an Ecosystem Around Software Transformation
November 2019
58 pages
ISBN:9781450368346
DOI:10.1145/3338502
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 15 November 2019

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. inuring
  2. memory safety
  3. n-variant

Qualifiers

  • Research-article

Funding Sources

Conference

CCS '19
Sponsor:

Acceptance Rates

Overall Acceptance Rate 4 of 4 submissions, 100%

Upcoming Conference

CCS '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • 0
    Total Citations
  • 202
    Total Downloads
  • Downloads (Last 12 months)52
  • Downloads (Last 6 weeks)7
Reflects downloads up to 12 Jan 2025

Other Metrics

Citations

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media