Large Scale System Defense
Abstract
The objective of this effort was to investigate techniques for allowing networks composed of many hundreds, thousands, or even millions of commodity computers to protect themselves against a variety of security threats. As a result, we developed a number of system prototypes and experimentally demonstrated their effectiveness: an automatic patch generation prototype that can detect previously unknown attacks and create fixes that maintain both integrity and availability of the target application in over 95% of cases with minimal performance overhead; a technique for allowing in situ testing of security patches without affecting the stability or functionality of the production system, using speculative parallel execution; Anagram, a new content-based anomaly detector (AD); Aeolos, a distributed intrusion detection and event correlation infrastructure; STAND, a training-set sanitization technique applicable to ADs requiring unsupervised training; POLYMORPH, an evaluation of the strength of metamorphic engines demonstrating the infeasibility of signature-based filtering devices; and an integrated software diversification system based on Instruction Set Randomization.
Document Details
- Document Type: Technical Report
- Publication Date: Oct 01, 2008
- Accession Number: ADA488369
Entities
People
- Angelos Dennis Keromytis
- Salvatore J. Stolfo
- Steven M. Bellovin
Organizations
- Columbia University