Leveraging Parallel Hardware to Detect, Quarantine, and Repair Malicious Code Injection (#36)

Abstract

In a Multi-Variant Execution Environment (MVEE), several slightly different versions of the same program are executed in lockstep. While this is done, a monitor compares the behavior of the versions at certain synchronization points with the aim of detecting discrepancies which may indicate attacks. A fully functions MVEE has been built and evaluated. The implemented system can successfully detect previously unknown attacks in real time, in exchange for a small runtime penalty.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2010
Accession Number
ADA513904

Entities

People

  • Michael Franz

Organizations

  • University of California, Irvine

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Human Systems
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Air Force Research Laboratories
  • Central Processing Units
  • Code Injection
  • Computer Program Documentation
  • Computer Program Reliability
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Cybersecurity
  • Html
  • Instruction Set Architecture
  • Intrusion Detection
  • Intrusion Detection Systems
  • Intrusion Detectors
  • Kernels (Operating System)
  • Operating Systems

Fields of Study

  • Computer science
  • Mathematics

Readers

  • Cybersecurity.
  • Parallel and Distributed Computing.