Server protection through dynamic patching

Abstract : Recently, hackers has been developing fast propagat- ing worms exploiting vulnerabilities that had just been dis- closed by security experts. Those attacks particularly ex- pose servers: this class of applications is constantly con- nected to the Internet and must meet uptime constraints. Hence they often run unprotected until the next scheduled update. In this paper, we propose a just-in-time protection for servers based on runtime injection of pre-made patches. The runtime injection permits to deal with uptime con- straints and induces only a minimal overhead over the vul- nerable code and only when a vulnerability is known to ex- ist. The pre-made patches forbid exploitation of most com- mon vulnerabilities (45% of attacks reported by Debian se- curity in 2005 affecting C softwares) and allows continuous servicing.
Type de document :
Communication dans un congrès
11th IEEE Pacific Rim International Symposium on Dependable Computing, Dec 2005, Changsha, China. 2005
Liste complète des métadonnées

Littérature citée [11 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/inria-00441360
Contributeur : Nicolas Loriant <>
Soumis le : mardi 15 décembre 2009 - 18:29:58
Dernière modification le : vendredi 22 juin 2018 - 09:28:19
Document(s) archivé(s) le : jeudi 17 juin 2010 - 21:51:02

Fichier

loriant.prdc05.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : inria-00441360, version 1

Citation

Nicolas Loriant, Marc Ségura-Devillechaise, Jean-Marc Menaud. Server protection through dynamic patching. 11th IEEE Pacific Rim International Symposium on Dependable Computing, Dec 2005, Changsha, China. 2005. 〈inria-00441360〉

Partager

Métriques

Consultations de la notice

227

Téléchargements de fichiers

151