Reference Hub

This research has been cited in:

Conference
VM-based security overkillProceedings of the 2010 New Security Paradigms Workshop10.1145/1900546.1900554
Conference
iProbe: A lightweight user-level dynamic instrumentation tool2013 28th IEEE/ACM International Conference on Automated Software Engineering (ASE)10.1109/ASE.2013.6693147
Conference
PatchDroidProceedings of the 29th Annual Computer Security Applications Conference10.1145/2523649.2523679
Conference
Auto-patching DOM-based XSS at scaleProceedings of the 2015 10th Joint Meeting on Foundations of Software Engineering10.1145/2786805.2786821
Conference
Dynamic program code distribution in Infrastructure-as-a-Service clouds2013 5th International Workshop on Principles of Engineering Service-Oriented Systems (PESOS)10.1109/PESOS.2013.6635974

Katana: Towards Patching as a Runtime Part of the Compiler-Linker-Loader Toolchain

Sergey Bratus, James Oakley, Ashwin Ramaswamy, Sean W. Smith, Michael E. Locasto

Source Title: International Journal of Secure Software Engineering (IJSSE)1(3)

ISSN: 1947-3036|EISSN: 1947-3044|EISBN13: 9781609608958|DOI: 10.4018/jsse.2010070101

Cite Article Cite Article

MLA

Bratus, Sergey, et al. "Katana: Towards Patching as a Runtime Part of the Compiler-Linker-Loader Toolchain." IJSSE vol.1, no.3 2010: pp.1-17. http://doi.org/10.4018/jsse.2010070101

APA

Bratus, S., Oakley, J., Ramaswamy, A., Smith, S. W., & Locasto, M. E. (2010). Katana: Towards Patching as a Runtime Part of the Compiler-Linker-Loader Toolchain. International Journal of Secure Software Engineering (IJSSE), 1(3), 1-17. http://doi.org/10.4018/jsse.2010070101

Chicago

Bratus, Sergey, et al. "Katana: Towards Patching as a Runtime Part of the Compiler-Linker-Loader Toolchain," International Journal of Secure Software Engineering (IJSSE) 1, no.3: 1-17. http://doi.org/10.4018/jsse.2010070101

Export Reference

Favorite Full-Issue Download

View Full Text HTML

View Full Text PDF

Abstract

The mechanics of hot patching (the process of upgrading a program while it executes) remain understudied, even though it offers capabilities that act as practical benefits for both consumer and mission-critical systems. A reliable hot patching procedure would serve particularly well by reducing the downtime necessary for critical functionality or security upgrades. However, hot patching also carries the risk—real or perceived—of leaving the system in an inconsistent state, which leads many owners to forgo its benefits as too risky; for systems where availability is critical, this decision may result in leaving systems un-patched and vulnerable. In this paper, the authors present a novel method for hot patching ELF binaries that supports synchronized global data and code updates, and reasoning about the results of applying the hot patch. In this regard, the Patch Object format was developed to encode patches as a special type of ELF re-locatable object file. The authors then built a tool, Katana, which automatically creates these patch objects as a by-product of the standard source build process. Katana also allows an end-user to apply the Patch Objects to a running process.

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.

Username or email: *

Password: *

Forgot individual login password?

Create individual account

Katana: Towards Patching as a Runtime Part of the Compiler-Linker-Loader Toolchain

MLA

APA

Chicago

Export Reference

Abstract

Request Access