An empirical study of the reliability of UNIX utilities
Communications of the ACM
Hypervisor-based fault tolerance
ACM Transactions on Computer Systems (TOCS) - Special issue on operating system principles
Bro: a system for detecting network intruders in real-time
Computer Networks: The International Journal of Computer and Telecommunications Networking
Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
Software Rejuvenation: Analysis, Module and Applications
FTCS '95 Proceedings of the Twenty-Fifth International Symposium on Fault-Tolerant Computing
An evaluation of the recovery-related properties of software faults
An evaluation of the recovery-related properties of software faults
Automatic detection and repair of errors in data structures
OOPSLA '03 Proceedings of the 18th annual ACM SIGPLAN conference on Object-oriented programing, systems, languages, and applications
Acceptability-oriented computing
OOPSLA '03 Companion of the 18th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Shield: vulnerability-driven network filters for preventing known vulnerability exploits
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
The design and implementation of Zap: a system for migrating computing environments
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
An API for Runtime Code Patching
International Journal of High Performance Computing Applications
Vigilante: end-to-end containment of internet worms
Proceedings of the twentieth ACM symposium on Operating systems principles
Rx: treating bugs as allergies---a safe method to survive software failures
Proceedings of the twentieth ACM symposium on Operating systems principles
Proceedings of the 12th ACM conference on Computer and communications security
Debugging operating systems with time-traveling virtual machines
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
Building a reactive immune system for software services
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Enhancing server availability and security through failure-oblivious computing
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Creating Vulnerability Signatures Using Weakest Preconditions
CSF '07 Proceedings of the 20th IEEE Computer Security Foundations Symposium
Sweeper: a lightweight end-to-end system for defending against fast worms
Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007
On the infeasibility of modeling polymorphic shellcode
Proceedings of the 14th ACM conference on Computer and communications security
Transparent checkpoint-restart of multiple processes on commodity operating systems
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
A dynamic mechanism for recovering from buffer overflow attacks
ISC'05 Proceedings of the 8th international conference on Information Security
Automatically patching errors in deployed software
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Survival strategies for synthesized hardware systems
MEMOCODE'09 Proceedings of the 7th IEEE/ACM international conference on Formal Methods and Models for Codesign
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 1
Proceedings of the 5th Workshop on Automation of Software Test
Patterns and statistical analysis for understanding reduced resource computing
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
Bypassing races in live applications with execution filters
OSDI'10 Proceedings of the 9th USENIX conference on Operating systems design and implementation
Proceedings of the International Conference & Workshop on Emerging Trends in Technology
PEASOUP: preventing exploits against software of uncertain provenance (position paper)
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
Record and transplay: partial checkpointing for replay debugging across heterogeneous systems
Proceedings of the ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems
Record and transplay: partial checkpointing for replay debugging across heterogeneous systems
ACM SIGMETRICS Performance Evaluation Review - Performance evaluation review
Detecting and escaping infinite loops with jolt
Proceedings of the 25th European conference on Object-oriented programming
REASSURE: a self-contained mechanism for healing software using rescue points
IWSEC'11 Proceedings of the 6th International conference on Advances in information and computer security
What to do when things go wrong: recovery in complex (computer) systems
Proceedings of the 11th annual international conference on Aspect-oriented Software Development Companion
kGuard: lightweight kernel protection against return-to-user attacks
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Adaptive defenses for commodity software through virtual application partitioning
Proceedings of the 2012 ACM conference on Computer and communications security
Bolt: on-demand infinite loop escape in unmodified binaries
Proceedings of the ACM international conference on Object oriented programming systems languages and applications
MemRed: towards reliable web applications
Proceedings of the Workshop on Secure and Dependable Middleware for Cloud Monitoring and Management
Towards dependable clients: improving the reliability and availability of the browsers
Proceedings of the 9th Middleware Doctoral Symposium of the 13th ACM/IFIP/USENIX International Middleware Conference
Self-healing multitier architectures using cascading rescue points
Proceedings of the 28th Annual Computer Security Applications Conference
ConAir: featherweight concurrency bug recovery via single-threaded idempotent execution
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Transparent mutable replay for multicore debugging and patch validation
Proceedings of the eighteenth international conference on Architectural support for programming languages and operating systems
Proceedings of the 9th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Techniques for efficient in-memory checkpointing
Proceedings of the 9th Workshop on Hot Topics in Dependable Systems
Post-compiler software optimization for reducing energy
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems
Hi-index | 0.00 |
Software failures in server applications are a significant problem for preserving system availability. We present ASSURE, a system that introduces rescue points that recover software from unknown faults while maintaining both system integrity and availability, by mimicking system behavior under known error conditions. Rescue points are locations in existing application code for handling a given set of programmer-anticipated failures, which are automatically repurposed and tested for safely enabling fault recovery from a larger class of (unanticipated) faults. When a fault occurs at an arbitrary location in the program, ASSURE restores execution to an appropriate rescue point and induces the program to recover execution by virtualizing the program's existing error-handling facilities. Rescue points are identified using fuzzing, implemented using a fast coordinated checkpoint-restart mechanism that handles multi-process and multi-threaded applications, and, after testing, are injected into production code using binary patching. We have implemented an ASSURE Linux prototype that operates without application source code and without base operating system kernel changes. Our experimental results on a set of real-world server applications and bugs show that ASSURE enabled recovery for all of the bugs tested with fast recovery times, has modest performance overhead, and provides automatic self-healing orders of magnitude faster than current human-driven patch deployment methods.