Skip to Main content Skip to Navigation
Conference papers

Server protection through dynamic patching

Abstract : Recently, hackers has been developing fast propagat- ing worms exploiting vulnerabilities that had just been dis- closed by security experts. Those attacks particularly ex- pose servers: this class of applications is constantly con- nected to the Internet and must meet uptime constraints. Hence they often run unprotected until the next scheduled update. In this paper, we propose a just-in-time protection for servers based on runtime injection of pre-made patches. The runtime injection permits to deal with uptime con- straints and induces only a minimal overhead over the vul- nerable code and only when a vulnerability is known to ex- ist. The pre-made patches forbid exploitation of most com- mon vulnerabilities (45% of attacks reported by Debian se- curity in 2005 affecting C softwares) and allows continuous servicing.
Document type :
Conference papers
Complete list of metadata

Cited literature [11 references]  Display  Hide  Download

https://hal.inria.fr/inria-00441360
Contributor : Nicolas Loriant <>
Submitted on : Tuesday, December 15, 2009 - 6:29:58 PM
Last modification on : Wednesday, December 5, 2018 - 1:22:08 AM
Long-term archiving on: : Thursday, June 17, 2010 - 9:51:02 PM

File

loriant.prdc05.pdf
Files produced by the author(s)

Identifiers

  • HAL Id : inria-00441360, version 1

Citation

Nicolas Loriant, Marc Ségura-Devillechaise, Jean-Marc Menaud. Server protection through dynamic patching. 11th IEEE Pacific Rim International Symposium on Dependable Computing, Dec 2005, Changsha, China. ⟨inria-00441360⟩

Share

Metrics

Record views

519

Files downloads

388