See this document in CiteSeerX!

Countering Network Worms through Automatic Patch Generation (2003)  (Make Corrections)  (12 citations)
Stelios Sidiroglou, Angelos D. Keromytis



  Home/Search   Context   Related

 
View or download:
columbia.edu/~ange...dpointpatching.pdf
Cached:  PS.gz  PS  PDF   Image  Update  Help

From:  columbia.edu/~angelos/Papers/ (more)
(Enter author homepages)

Rate this article: (best)
  Comment on this article  
(Enter summary)

Abstract: The ability of worms to spread at rates that effectively preclude human-directed reaction has elevated them to a first-class security threat to distributed systems. We propose an architecture for automatically repairing software flaws that are exploited by network worms. Our approach relies on source code transformations to quickly apply automatically-created (and tested) localized patches to vulnerable segments of the targeted application. To determine these susceptible portions, we use a... (Update)

Cited by:   More
Can we contain Internet worms? - Manuel Costa Jon   (Correct)
Policy and Implementation Assurance for Software Security - Wilander (2005)   (Correct)
Taxonomy and Effectiveness of Worm Defense Strategies - Brumley, Liu, Poosankam, Song (2005)   (Correct)

Similar documents (at the sentence level):
9.7%:   Countering Network Worms through Automatic Patch Generation - Sidiroglou, Keromytis (2003)   (Correct)
7.5%:   A Cooperative Immunization System for an Untrusting.. - Anagnostakis.. (2003)   (Correct)

Active bibliography (related documents):   More   All
2.3:   A Network Worm Vaccine Architecture - Stelios Sidiroglou Stelios (2003)   (Correct)
1.5:   Using Execution Transactions To Recover From Buffer.. - Stelios Sidiroglou.. (2004)   (Correct)
1.3:   A Holistic Approach to Service Survivability - Keromytis, Parekh, Gross.. (2003)   (Correct)

Similar documents based on text:
0.2:   Building a Reactive Immune System for Software Services - Sidiroglou, Locasto.. (2005)   (Correct)

Related documents from co-citation:   More   All
8:   Internet Quarantine: Requirements for Containing SelfPropagating Code - Moore, Shannon et al. - 2003
7:   How to 0wn the Internet in Your Spare Time - Staniford, Paxson et al. - 2002
6:   IEEE Security and Privacy (context) - Moore, Paxson et al. - 2003

BibTeX entry:   (Update)

Sidiroglou S. and Keromytis. A. countering network worms through automatic patch generation. Research Report, 2003. http://citeseer.ist.psu.edu/article/sidiroglou03countering.html   More

@misc{ sidiroglou03countering,
  author = "S. Sidiroglou and A. Keromytis",
  title = "countering network worms through automatic patch generation",
  text = "Sidiroglou S. and Keromytis. A. countering network worms through automatic
    patch generation. Research Report, 2003.",
  year = "2003",
  url = "citeseer.ist.psu.edu/article/sidiroglou03countering.html" }
Citations (may not include all citations):
412   Security Architecture for the Internet Protocol (context) - Kent, Atkinson - 1998
175   A Secure Environment for Untrusted Helper Applications - Goldberg, Wagner et al. - 1996
141   Stackguard: Automatic adaptive detection and prevention of b.. - Cowan, Pu et al. - 1998
100   The TLS protocol version (context) - Dierks, Allen - 1999
89   Using the SimOS Machine Simulator to Study Complex Computer .. - Rosenblum, Bugnion et al. - 1997
88   Cyclone: A safe dialect of C - Jim, Morrisett et al. - 2002
74   Internet Quarantine: Requirements for Containing Self-Propag.. - Moore, Shannon et al. - 2003
74   Code-Red: a case study on the spread and victims of an Inter.. - Moore, Shanning et al. - 2002
66   Smashing the stack for fun and profit (context) - One - 1996
62   Scale and Performance in the Denali Isolation Kernel - Whitaker, Shaw et al. - 2002
61   Throttling Viruses: Restricting Propagation to Defeat Malici.. - Williamson - 2002
59   Implementing a Distributed Firewall - Ioannidis, Keromytis et al. - 2000
58   MOPS: an Infrastructure for Examining Security Properties of.. - Chen, Wagner - 2002
56   How to Own the Internet in Your Spare Time (context) - Staniford, Paxson et al. - 2002
54   Transparent Run-Time Defense Against Stack Smashing Attacks - Baratloo, Singh et al. - 2000
53   Code Red Worm Propagation Modeling and Analysis - Zou, Gong et al. - 2002
53   The Internet Worm Program: An Analysis - Spafford - 1988
45   Building Diverse Computer Systems - Forrest, Somayaji et al. - 1997
42   A Biologically Inspired Immune System for Computers - Kephart - 1994
39   Formatguard: Automatic protection from printf format string .. - Cowan, Barringer et al. - 2001
35   Statically Detecting Likely Buffer Overflow Vulnerabilities - Larochelle, Evans - 2001
34   Backwards-compatible bounds checking for arrays and pointers.. - Jones, Kelly - 1997
32   Secure Execution Via Program Shepherding - Kiriansky, Bruening et al. - 2002
30   special issue on security (context) - Bellovin, login - 1999
29   ReVirt: Enabling Intrusion Analysis through VirtualMachine L.. (context) - Dunlap, King et al. - 2002
27   StackGhost: Hardware facilitated stack protection - Frantzen, Shuey - 2001
26   Improving Host Security with System Call Policies - Provos - 2003
25   Bypassing StackGuard and StackShield (context) - Kil - 2000
24   04: MS-SQL Server Worm (context) - CA-- - 2003
20   Address Obfuscation: an Efficient Approach to Combat a Broad.. (context) - Bhatkar, DuVarney et al. - 2003
19   Traps and Pitfalls: Practical Problems in System Call Interp.. - Garfinkel - 2003
19   On Computer Viral Infection and the Effect of Immunization - Wang, Knight et al. - 2000
18   Cooperative Response Strategies for Large Scale Attack Mitig.. (context) - Nojiri, Rowe et al. - 2003
17   Implementing and testing a virus throttle - Twycross, Williamson - 2003
16   PointGuard: Protecting Pointers From Buffer Overflow Vulnera.. (context) - Cowan, Beattie et al. - 2003
15   MET: An Experimental System for Malicious Email Tracking (context) - Bhattacharyya, Schultz et al. - 2002
15   ww heap overflow (context) - Security, heap et al. - 1999
15   A Virtual Machine Introspection Based Architecture for Intru.. - Garfinkel, Rosenblum - 2003
15   The Denotational Semantics of a Functional Tree-Manipulation.. - Malton - 1993
14   Type-Assisted Dynamic Buffer Overflow Detection - Lhee, Chapin - 2002
13   A Binary Rewriting Defense Against Stack-based Buffer Overfl.. (context) - Prasad, Chiueh - 2003
12   programs -- early experiments with a distributed computation (context) - Shoch, Hupp et al. - 1982
12   Del Rey Books (context) - Brunner, Rider - 1975
12   Improving Computer Security Using Extended Static Checking - Chess - 2002
11   Preventing Privilege Escalation - Provos, Friedl et al. - 2003
11   Indra: A peer-topeer approach to network intrusion detection.. - Janakiraman, Waldvogel et al. - 2003
10   Predators: Good Will Mobile Codes Combat against Computer Vi.. (context) - Toyoizumi, Kara - 2002
10   SubDomain: Parsimonious Security for Server Appliances (context) - Cowan, Beattie et al. - 2000
10   A Flexible Containment Mechanism for Executing Untrusted Cod.. (context) - Peterson, Bishop et al. - 2002
10   Connection-history Based Anomaly Detection - Toth, Kruegel - 2002
10   A New Model for Availability in the Face of Self-Propagating.. - Lin, Ricciardi et al. - 1998
9   Computer Viruses: Theory and Practice (context) - Cohen - 1987
9   GCC extension for protecting applications from stack-smashin.. (context) - Etoh - 2000
9   Static Analysis of Executables to Detect Malicious Patterns - Christodorescu, Jha - 2003
8   A Snapshot of Global Internet Worm Activity (context) - Song, Malan et al. - 2001
8   High Coverage Detection of Input-Related Security Faults (context) - Larson, Austin - 2003
8   Line Intrusion Detection and Attack Prevention Using Diversi.. (context) - Reynolds, Just et al. - 2003
8   Welcome To My Tarpit: The Tactical and Strategic Use of LaBr.. (context) - Liston - 2001
8   The Design and Implementation of an Intrusion Tolerant Syste.. (context) - Reynolds, Just et al. - 2002
8   Sandboxing Applications - Prevelakis, Spinellis - 2001
6   Using Network-Based Application Recognition and Access Contr.. (context) - Based, Recognition et al.
6   comceipres pr (context) - of, Attacks et al. - 2001
6   Computer Virus - Coevolution (context) - Nachenberg - 1997
5   A Comparison of Publicly Available Tools for Dynamic Intrusi.. (context) - Wilander, Kamkar - 2003
5   21: W32/Blaster Worm (context) - CA-- - 2003
5   Detecting Lots of Security Holes Using System-Specific Stati.. (context) - Ashcraft, Engler - 2002
5   Learning Unknown Attacks -- A Start (context) - Just, Clough et al. - 2002
5   devices on vmware workstation's hosted virtual machine monit.. (context) - Venkitachalam, Lim
4   String Copy and Concatentation (context) - Miller, de Raadt et al. - 1999
4   Detecting Network Intrusions via Sampling: A Game Theoretic .. - Kodialam, Lakshman - 2003
3   19: Exploitation of Vulnerabilities in Microsoft RPC Interfa.. (context) - CA-- - 2003
3   line Intrusion Protection by Detecting Attacks with Diversit.. (context) - Reynolds, Just et al.
http://serg.cs.drexel.edu/cosak/index.shtml/
http://www.angelfire.com/sk/stackshield/
http://www.caida.org/analysis/workload/byapplication/oc48/port
http://develoer.kde.org/



The graph only includes citing articles where the year of publication is known.

Documents on the same site (http://www1.cs.columbia.edu/~angelos/Papers/):
Dealing with System Monocultures - Keromytis, Prevelakis   (Correct)

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC