Accession Number:

ADA513904

Title:

Leveraging Parallel Hardware to Detect, Quarantine, and Repair Malicious Code Injection (#36)

Descriptive Note:

Final rept. May 2007-Aug 2009

Corporate Author:

CALIFORNIA UNIV IRVINE

Personal Author(s):

Report Date:

2010-01-01

Pagination or Media Count:

56.0

Abstract:

In a Multi-Variant Execution Environment MVEE, several slightly different versions of the same program are executed in lockstep. While this is done, a monitor compares the behavior of the versions at certain synchronization points with the aim of detecting discrepancies which may indicate attacks. A fully functions MVEE has been built and evaluated. The implemented system can successfully detect previously unknown attacks in real time, in exchange for a small runtime penalty.

Subject Categories:

  • Computer Programming and Software

Distribution Statement:

APPROVED FOR PUBLIC RELEASE