Protection of software-based survivability mechanisms

Author

Wang, Chenxi ; Davidson, Jack ; Hill, Jonathan ; Knight, John

Author_Institution

Dept. of Comput. Sci., Virginia Univ., Charlottesville, VA, USA

fYear

2001

fDate

1-4 July 2001

Firstpage

193

Lastpage

202

Abstract

Many existing survivability mechanisms rely on software-based system monitoring and control. Some of the software resides on application hosts that are not necessarily trustworthy. The integrity of these software components is therefore essential to the reliability and trustworthiness of the survivability scheme. We address the problem of protecting trusted software on untrustworthy hosts by software transformations. Our techniques include a systematic introduction of aliases in combination with a "break-down" of the program control-flow; transforming high-level control transfers to indirect addressing through aliased pointers. In so doing, we transform programs to a form that yields data flow information very slowly and/or with little precision. We present a theoretical result which shows that a precise analysis of the transformed program, in the general case, is NP-hard and demonstrate the applicability of our techniques with empirical results.

Keywords

client-server systems; program control structures; security of data; software fault tolerance; system monitoring; aliased pointers; aliases; application hosts; data flow information; program control-flow; software transformations; software-based survivability mechanisms; software-based system monitoring; trustworthiness; untrustworthy hosts; Communication system control; Context modeling; Control systems; Cryptography; Monitoring; Network servers; Probes; Protection; Protocols; Runtime;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable Systems and Networks, 2001. DSN 2001. International Conference on

Conference_Location

Goteborg, Sweden

Print_ISBN

0-7695-1101-5

Type

conf

DOI

10.1109/DSN.2001.941405

Filename

941405