dr travis stork dating now - Dynamic software updating ksplice

The fundamental difference is that these solutions app... RETRO repairs a desktop or server after an adversary com-promises it, by undoing the adversary’s changes while preserving legitimate user actions, with minimal user in-volvement.

dynamic software updating ksplice-77

The elimination of data wrappers greatly reduces execution overhead for data intensive applications.

Up Stare supports the update of applications anywhere during their exe... In recent years, the deployment of many application-level countermeasures against memory errors and the in-creasing number of vulnerabilities discovered in the ker-nel has fostered a renewed interest in kernel-level ex-ploitation.

This approach allows updating applications that until now could not be updated at runtime at all or could be updated but with a possibly indefinite delay between the time an update is initiated and the time the update is effected (during this period no service is provided).

Unlike existing approaches, we allow arbitrary changes to functions active on the stack and without requiring the programmer to anticipate the future evolution of a program.

An evaluation of a prototype of RETRO for Linux with 2 real-world attacks, 2 synthesized challenge attacks, and 6 attacks from previous work, shows that RETRO can often repair the system without user involvement, and avoids false positives and negatives from previous so-lutions.

These benefits come at the cost of 35–127 % in execution time overhead and of 4–150 GB of log space per day, depending on the workload.

In this paper, we propose the first design for fine-grained address space randomization (ASR) inside the operating system (OS), providing an efficient and com-prehensive countermeasure against classic and emerg-ing attacks, such as return-oriented programming.

To motivate our design, we investigate the differences with application-level ASR and find that some of the well-established assumptions in existing solutions are no longer valid inside the OS; above all, perhaps, that infor-mation leakage becomes a major concern in the new con-text.

These results demonstrate that this work is a significant step towards practical support for dynamic updates in virtual machines for managed languages. By contrast, C and C implementations must use either staticallyinserted indirections [22, 32, 39, 5, 24] or dynamically-inserted trampolines to redirect function calls =-=[2, 12, 13, 3]-=-.

Both cases impose persistent overhead on normal execution and inhibit optimization.

Experimental results demon-strate that our techniques yield low run-time perfor-mance overhead (less than 5 % on average on both SPEC and syscall-intensive benchmarks) and limited run-time memory footprint increase (around 15 % during the exe-cution of our benchmarks).

Tags: , ,