Software That's Resilient Against Hacker Attack

Oct 29, 2009 by John Messina weblog
Software That's Resilient Against Hacker Attack
Image Credit: Technology Review

(PhysOrg.com) -- A team of researchers headed by Martin Rinard, a professor of computer science at MIT, have developed new software that automatically patches errors in deployed software in a matter of minutes.

The is called ClearView and is designed to apply patches whenever it detects that something has gone wrong with the program. ClearView operates by monitoring a program's normal behavior and establishing a set of rules.

ClearView looks for certain types of errors that are mostly caused by an attacker introducing into the operating program. When ClearView detects a software intrusion, it identifies the rule that has been compromised and generates a set of repair patches designed to force the software to follow the compromised rules. ClearView then studies all possibilities to determine which selected rule is the most successful patch.

ClearView can be very successful when it is installed on multiple computers running the same software. By ClearView analyzing the malicious code and applying the most effective rule on one machine, it can then apply the patch to all other machines. ClearView applies the patch to the binary code, bypassing the source code which enables it to fix programs without human intervention.

ClearView was tested on a group of computers running Firefox and an independent team to launch an attack on the . The attack team used 10 different attacks to inject malicious code into Firefox. ClearView was successful in all 10 attacks by blocking the malicious code and shutting down the program before its intended attack took effect.

ClearView created patches that corrected the errors introduced by the malicious code and discarded any corrections that had a negative effect. ClearView, on average, came up with a working patch within five minutes of its first attack.

In a TR interview, Rinard stated: "What this research is leading us to believe is that software isn't in itself inherently fragile and brittle because of errors. It's fragile and brittle because people are afraid to let the software continue if they think there's something wrong with it." Some software engineering approaches, such as "failure-oblivious computing" or "acceptable computing," share this philosophy.

More information: Automatically Patching Errors in Deployed Software, 22nd ACM Symposium on Operating Systems Principles. [Paper] [Slides]

This video is not supported by your browser at this time.
Automatically Patching Errors in Deployed Software, Conference Audio.


Via: Technology Review

© 2009 PhysOrg.com

Explore further: MIT groups develop smartphone system THAW that allows for direct interaction between devices

add to favorites email to friend print save as pdf

Related Stories

Code breakthrough delivers safer computing

Sep 25, 2009

(PhysOrg.com) -- Computer researchers at UNSW and NICTA have achieved a breakthrough in software which will deliver significant increases in security and reliability and has the potential to be a major commercialisation success.

SIIA warns of pirated software

Nov 28, 2005

The SIIA is alerting holiday shoppers to the dangers of pirated software. The Software & Information Industry Association warned consumers Monday to be on the lookout for pirated software this holiday season. The number of ...

Recommended for you

Wireless sensor transmits tumor pressure

2 hours ago

The interstitial pressure inside a tumor is often remarkably high compared to normal tissues and is thought to impede the delivery of chemotherapeutic agents as well as decrease the effectiveness of radiation ...

Tim Cook puts personal touch on iPhone 6 launch

3 hours ago

Apple chief Tim Cook personally kicked off sales of the iPhone 6, joining in "selfies" and shaking hands with customers Friday outside the company's store near his Silicon Valley home.

Team improves solar-cell efficiency

19 hours ago

New light has been shed on solar power generation using devices made with polymers, thanks to a collaboration between scientists in the University of Chicago's chemistry department, the Institute for Molecular ...

Calif. teachers fund to boost clean energy bets

19 hours ago

The California State Teachers' Retirement System says it plans to increase its investments in clean energy and technology to $3.7 billion, from $1.4 billion, over the next five years.

User comments : 7

Adjust slider to filter visible comments by rank

Display comments: newest first

vantomic
1 / 5 (1) Oct 29, 2009
I'll just get started with the obvious comment...what makes the rules so safe? attack the rules.

This reminds me of the joke. If the blackbox in a plane is indestructible why not make the whole plane out of it.
Foolish1
not rated yet Oct 29, 2009
"It's fragile and brittle because people are afraid to let the software continue if they think there's something wrong with it"

Afraid? Terrified is a better choice of words.
nkalanaga
not rated yet Oct 29, 2009
So how long will it be before someone hacks ClearView and uses it to install malicious "patches"? I'd rather my software died if it was compromised.
jgelt
not rated yet Oct 29, 2009
Bootable USB stick. Backup USB sticks.

No sharing a computer, nothing on the computer when the stick is pulled. Nothing for malware to eat.
Corruption or mere suspicion? Restore virgin image in 15 minutes.

Invulnerable except to outright mugging.
Let's get rid of the bloatware and get back to the one-use OS now, please!
malapropism
not rated yet Oct 29, 2009
So how long will it be before someone hacks ClearView and uses it to install malicious "patches"? I'd rather my software died if it was compromised.

But it looks like they thought of this, the paper (section 4.1) states: "Infrastructure Attacks: Determine if attackers can subvert the ClearView patch generation and distribution mechanism to send out malicious patches. This paper omits the detailed results of this qualitative evaluation, but in summary the standard security measures already in place in the Determina commercial product (encryption, authentication, etc.) were judged to provide an acceptable level of protection against this class of attacks."

They also say that they weren't trying to fix everything in one go - and using this is still a lot better than being hacked.
malapropism
not rated yet Oct 29, 2009
Bootable USB stick. Backup USB sticks.

No sharing a computer, nothing on the computer when the stick is pulled. Nothing for malware to eat.
Corruption or mere suspicion? Restore virgin image in 15 minutes.

Invulnerable except to outright mugging.
Let's get rid of the bloatware and get back to the one-use OS now, please!

But not a very usable suggestion for a high-availability, clustered-server & SAN situation.
finitesolutions
5 / 5 (1) Oct 30, 2009
Actually hackers, or anybody, are welcomed to hack my bank accounts :)
It can not be worse than it is now.