Towards an Approach for Automatically Repairing Compromised Network Systems

Authors:
Julian B. Grizzard;Sven Krasser;Henry L. Owen;Gregory J. Conti;Eric R. Dodson
Affiliations:
Georgia Institute of Technology, Atlanta;Georgia Institute of Technology, Atlanta;Georgia Institute of Technology, Atlanta;Georgia Institute of Technology, Atlanta;Georgia Institute of Technology, Atlanta
Venue:
NCA '04 Proceedings of the Network Computing and Applications, Third IEEE International Symposium
Year:
2004

Citing 0
Cited 1

Pushing boulders uphill: the difficulty of network intrusion recovery

LISA'09 Proceedings of the 23rd conference on Large installation system administration

Quantified Score

Hi-index	0.00

Visualization

Abstract

The widely accepted method to repair a compromised system is to wipe the system clean and reinstall. We think that there may be alternative methods. Specifically, we envision systems that are capable of automatically recovering from system compromises. Our proposed approach is a repair agent that resides in an isolated area on the system. We use a virtual machine approach to isolate the repair agent. The repair agent should roll back any undesirable changes, determine the point of entry, and prevent further compromise.