Flux Research Group / School of Computing

Isolation of Malicious External Inputs in a Security Focused Adaptive Execution Environment

No PDF availalbe

Aaron Paulos, Partha Pal, Richard Schantz, Brett Benyo, David Johnson, Mike Hibler, and Eric Eide

Proceedings of the 8th International Conference on Availability, Reliability and Security (ARES) 2013.

DOI: 10.1109/ARES.2013.15

Security, Virtualization


Reliable isolation of malicious application inputs is necessary for preventing the future success of an observed novel attack after the initial incident.  In this paper we describe, measure and analyze, Input-Reduction, a technique that can quickly isolate malicious external inputs that embody unforeseen and potentially novel attacks, from other benign application inputs.  The Input-Reduction technique is integrated into an advanced, security-focused adaptive execution environment that automates diagnosis and repair.  In experiments we show that Input-Reduction is both highly accurate and efficient in isolating attack inputs and determining casual relations between inputs.  We also measure and show that the cost incurred by key services that support reliable reproduction and fast attack isolation is reasonable in the adaptive execution environment.