Large Scale System Defense
Final rept. Jul 2006-May 2008
COLUMBIA UNIV NEW YORK
The objective of this effort was to investigate techniques for allowing networks composed of many hundreds, thousands, or even millions of commodity computers to protect themselves against a variety of security threats. As a result, we developed a number of system prototypes and experimentally demonstrated their effectiveness: an automatic patch generation prototype that can detect previously unknown attacks and create fixes that maintain both integrity and availability of the target application in over 95% of cases with minimal performance overhead; a technique for allowing in situ testing of security patches without affecting the stability or functionality of the production system, using speculative parallel execution; Anagram, a new content-based anomaly detector (AD); Aeolos, a distributed intrusion detection and event correlation infrastructure; STAND, a training-set sanitization technique applicable to ADs requiring unsupervised training; POLYMORPH, an evaluation of the strength of metamorphic engines demonstrating the infeasibility of signature-based filtering devices; and an integrated software diversification system based on Instruction Set Randomization.
- Computer Systems Management and Standards