Title :
Making garbage collection dependable through a run-time monitor
Author :
Lo, Chia-Tien Dan
Author_Institution :
Dept. of Comput. Sci., Texas Univ., San Antonio, TX, USA
Abstract :
This paper examines Java security models and describes security issues in garbage collection, memory metrics used to predict program behaviors, and their relations. These metrics are collected and analyzed at run-time to assure dependability. Undependable factors come from heap memory attacks which are introduced and classified into "slow death" and "fast death" categories. "Slow death" is to chronic diseases what "fast death" is to sudden death. "Slow death" causes programs dying; "fast death" terminates a program. These are potential scenarios if garbage collection is under attack. Experimental studies show that garbage collection may be invoked 27 times more than the normal situation. Furthermore, presented is a run-time monitoring system that can detect anomalous program behaviors using the collected memory metrics. This can be a run-time throttle that controls program behaviors and a postmortem diagnosis technique in case of heap memory attacks.
Keywords :
Java; security of data; storage management; supervisory programs; system monitoring; Java security models; anomalous program behavior detection; data security; fast death; garbage collection; heap memory attacks; memory metrics; metrics analysis; metrics collection; program termination; run-time monitoring system; slow death; system dependability; Batteries; Computer crime; Computer security; Computerized monitoring; Diseases; Java; Predictive models; Protection; Runtime; Software;
Conference_Titel :
Information Assurance Workshop, 2005. IAW '05. Proceedings from the Sixth Annual IEEE SMC
Print_ISBN :
0-7803-9290-6
DOI :
10.1109/IAW.2005.1495983
