Inoculating software for survivability

Ghosh, Anup K.; Voas, Jeffrey

doi:10.1145/306549.306563

Cited by 21 publications

(6 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [Ghosh and Voas, 1999, pages 38-44), the problem of software reliability with regards to commercial off-the-shell (CarS) software is examined and a method of software inoculation is presented. Using such an inoculation technique, a filtering layer is put in place that protects the operating system's system calls from invocations with invalid parameters.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Security in the Information Society

Ghonaimy¹,

El-Hadidi²,

Aslan³

2002

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

Section: Related Workmentioning

confidence: 99%

“…Finally, methods of inoculation such as those presented in [Ghosh and Voas, 1999] could provide a level of security by filtering malicious event messages. Although this degrades performance, it is a solution to COTS software.…”

Section: Countermeasuresmentioning

confidence: 99%

Security in the Information Society

Ghonaimy¹,

El-Hadidi²,

Aslan³

2002

IFIP Advances in Information and Communication Technology

View full text Add to dashboard Cite

“…Using simple, public tools such as the web browser they could quietly penetrate organizations and commit crimes such as theft of sensitive data (credit card information, etc.) with a very low risk of getting caught (Ghosh and Voas 1999).…”

Section: Security Is the System Engineer's Businessmentioning

confidence: 99%

4.3.2 Systems Engineering Approach To Information Assurance

Taylor

Sloan

2004

INCOSE International Symp

View full text Add to dashboard Cite

Today's security solutions for protecting telecommunications and information infrastructures are primarily defensive. They are not commensurate with the increasingly sophisticated nature of the global cyberthreat, and likely ineffective in countering new, dormant threats that could be a strategic surprise to organizational security. Defensive measures such as firewall and antivirus software can only protect computer networks and systems against known signatures of malicious code. To engineer pre‐emptive capabilities and processes that discourage and repel attacks would require integration of key aspects of security domain engineering into systems engineering practices. An integrated approach would promote the implementation of security controls and processes as built‐in features of future human/computer systems and networks, rather than as separate solutions, thus enabling a more holistic and robust information assurance.

show abstract

“…Ghosh, et al [31] propose "fault injection analysis" applied to software, while Strunk, et al [70] apply a lowlevel approach: they propose an intrusion detection and recovery model at the storage layer. Kreidl, et al [43] propose a formalized feedback-driven model for individual COTS applications.…”

Section: Related Workmentioning

confidence: 99%

A holistic approach to service survivability

Keromytis

Parekh

Gross

et al. 2003

Proceedings of the 2003 ACM Workshop on Survivable and Self-Regenerative Systems: In Association With 10th ACM Conference on Co

View full text Add to dashboard Cite

We present SABER (Survivability Architecture: Block, Evade, React), a proposed survivability architecture that blocks, evades and reacts to a variety of attacks by using several security and survivability mechanisms in an automated and coordinated fashion.Contrary to the ad hoc manner in which contemporary survivable systems are built-using isolated, independent security mechanisms such as firewalls, intrusion detection systems and software sandboxes-SABER integrates several different technologies in an attempt to provide a unified framework for responding to the wide range of attacks malicious insiders and outsiders can launch.This coordinated multi-layer approach will be capable of defending against attacks targeted at various levels of the network stack, such as congestion-based DoS attacks, software-based DoS or code-injection attacks, and others. Our fundamental insight is that while multiple lines of defense are useful, most conventional, uncoordinated approaches fail to exploit the full range of available responses to incidents. By coordinating the response, the ability to survive successful security breaches increases substantially.We discuss the key components of SABER, how they will be integrated together, and how we can leverage on the promising results of the individual components to improve survivability in a variety of coordinated attack scenarios. SABER is currently in the prototyping stages, with several interesting open research topics.

show abstract

Inoculating software for survivability

Cited by 21 publications

References 8 publications

Security in the Information Society

Security in the Information Society

4.3.2 Systems Engineering Approach To Information Assurance

A holistic approach to service survivability

Contact Info

Product

Resources

About