Binary-Level Function Proling for Intrusion Detection and Smart Error Virtualization

Most current approaches to Self-Healing Software (SHS) suffer from semantic incorrectness of the response mechanism. To support SHS, the authors propose Smart Error Virtualization (SEV), which treats functions as transactions but provides a way to guide the program state and remediation to be a more correct value than previous work. The authors perform runtime binary-level proling on unmodified applications to learn both good return values and error return values (Produced when the program encounters "Bad" input). The goal is to "Learn from mistakes" by converting malicious input to the program's notion of "Bad" input.

Provided by: Columbia University Topic: Virtualization Date Added: Jan 2011 Format: PDF

Find By Topic