Secure Execution via Program Shepherding
Proceedings of the 11th USENIX Security Symposium
Anomaly Detection Using Call Stack Information
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Automatic detection and repair of errors in data structures
OOPSLA '03 Proceedings of the 18th annual ACM SIGPLAN conference on Object-oriented programing, systems, languages, and applications
Shield: vulnerability-driven network filters for preventing known vulnerability exploits
Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications
Secure program execution via dynamic information flow tracking
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Gray-box extraction of execution graphs for anomaly detection
Proceedings of the 11th ACM conference on Computer and communications security
Vigilante: end-to-end containment of internet worms
Proceedings of the twentieth ACM symposium on Operating systems principles
Rx: treating bugs as allergies---a safe method to survive software failures
Proceedings of the twentieth ACM symposium on Operating systems principles
Fast and automated generation of attack signatures: a basis for building self-protecting servers
Proceedings of the 12th ACM conference on Computer and communications security
Automatic diagnosis and response to memory corruption vulnerabilities
Proceedings of the 12th ACM conference on Computer and communications security
On deriving unknown vulnerabilities from zero-day polymorphic and metamorphic worm exploits
Proceedings of the 12th ACM conference on Computer and communications security
Proceedings of the 12th ACM conference on Computer and communications security
Anomalous system call detection
ACM Transactions on Information and System Security (TISSEC)
Towards Automatic Generation of Vulnerability-Based Signatures
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Retrofitting Legacy Code for Authorization Policy Enforcement
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
EXE: automatically generating inputs of death
Proceedings of the 13th ACM conference on Computer and communications security
Building a reactive immune system for software services
ATEC '05 Proceedings of the annual conference on USENIX Annual Technical Conference
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Enhancing server availability and security through failure-oblivious computing
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Automated response using system-call delays
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
ShieldGen: Automatic Data Patch Generation for Unknown Vulnerabilities with Informed Probing
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Challenging the anomaly detection paradigm: a provocative discussion
NSPW '06 Proceedings of the 2006 workshop on New security paradigms
Bouncer: securing software by blocking bad input
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Intrusion detection using sequences of system calls
Journal of Computer Security
On the infeasibility of modeling polymorphic shellcode
Proceedings of the 14th ACM conference on Computer and communications security
From STEM to SEAD: speculative execution for automated defense
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
Environment-sensitive intrusion detection
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Allergy attack against automatic signature generation
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
NSPW '09 Proceedings of the 2009 workshop on New security paradigms workshop
| Hi-index | 0.00 |
Most attacks on computing systems occur rapidly enough to frustrate manual defense or repair. It appears, therefore, that defense systems must include some degree of autonomy. Recent advances have led to an emerging interest in self-healing software as a solution to this problem. It is not clear, however, if the effort to create self-healing mechanisms is actually worth the cost in terms of development effort, deployment complexity, or runtime supervision and monitoring. Furthermore, no general purpose self-healing mechanisms have been shown to be achievable for general systems; it is hard to know beforehand exactly what an application should do in response to an arbitrary vulnerability. A number of very hard problems remain for researchers to explore before self-healing can be reliably applied to real computing systems. This paper provides a critique of the current state of the art and offers the position that self-healing as a concept should be relegated to the status of autonomic computing: a goal worth aiming for as a way to push the boundary of the possible rather than an achievable end in itself. Along the way, we identify a number of important but unsolved research problems in this space.