Title :
Isolation of Malicious External Inputs in a Security Focused Adaptive Execution Environment
Author :
Paulos, Aaron ; Pal, Parama ; Schantz, Richard ; Benyo, Balazs ; Johnson, D. ; Hibler, Mike ; Eide, E.
Author_Institution :
BBN Technol., Cambridge, MA, USA
Abstract :
Reliable isolation of malicious application inputs is necessary for preventing the future success of an observed novel attack after the initial incident. In this paper we describe, measure and analyze, Input-Reduction, a technique that can quickly isolate malicious external inputs that embody unforeseen and potentially novel attacks, from other benign application inputs. The Input-Reduction technique is integrated into an advanced, security-focused, and adaptive execution environment that automates diagnosis and repair. In experiments we show that Input-Reduction is highly accurate and efficient in isolating attack inputs and determining casual relations between inputs. We also measure and show that the cost incurred by key services that support reliable reproduction and fast attack isolation is reasonable in the adaptive execution environment.
Keywords :
security of data; fast attack isolation; input-reduction technique; key services; malicious external inputs isolation; security focused adaptive execution environment; security-focused environment; Containers; Monitoring; Production; Prototypes; Reliability; Security; Semantics; Adaptive Security; Execution Environment; Novel Attacks; Record & Replay; Survivability;
Conference_Titel :
Availability, Reliability and Security (ARES), 2013 Eighth International Conference on
Conference_Location :
Regensburg
DOI :
10.1109/ARES.2013.15
