Vulnerability patch management remains one of the most complex issues facing modern enterprises; companies struggle to test and deploy new patches across their networks, often leaving myriad attack vectors vulnerable to exploits. This problem is exacerbated by enterprise server applications, which expose tremendous amounts of information about their security postures, greatly expediting attackers' reconnaissance incursions (e.g., knowledge gathering attacks). Unfortunately, current patching processes offer no insights into attacker activities, and prompt attack remediation is hindered by patch compatibility considerations and deployment cycles.
To reverse this asymmetry, a patch management model is proposed to facilitate the rapid injection of software patches into live, commodity applications without disruption of production workflows, and the transparent sandboxing of suspicious processes for counterreconnaissance and threat information gathering. Our techniques improve workload visibility and vulnerability management, and overcome perennial shortcomings of traditional patching methodologies, such as proneness to attacker fingerprinting, and the high cost of deployment. The approach enables a large variety of novel defense scenarios, including rapid security patch testing with prompt recovery from defective patches and the placement of exploit sensors inlined into production workloads. An implementation for six enterprise-grade server programs demonstrates that our approach is practical and incurs minimal runtime overheads. Moreover, four use cases are discussed, including a practical deployment on two public cloud environments.
Tue 10 Nov. Displayed time zone: (UTC) Coordinated Universal Time
08:30 - 09:00
|An Evaluation of Methods to Port Legacy Code to SGX Enclaves
Kripa Shanker Indian Institute of Science, Bangalore, Arun Joseph Indian Institute of Science, India, Vinod Ganapathy Indian Institute of Science, India
|How Does Refactoring Impact Security When Improving Quality? A Security-Aware Refactoring Approach
|Improving Cybersecurity Hygiene through JIT Patching
|Search-Based Adversarial Testing and Improvement of Constrained Credit Scoring Systems
Salah Ghamizi University of Luxembourg, Luxembourg, Maxime Cordy University of Luxembourg, Luxembourg, Martin Gubri University of Luxembourg, Luxembourg, Mike Papadakis University of Luxembourg, Luxembourg, Andrey Boystov University of Luxembourg, Luxembourg, Yves Le Traon University of Luxembourg, Luxembourg, Anne Goujon BGL BNP Paribas, Luxembourg
|SinkFinder: Harvesting Hundreds of Unknown Interesting Function Pairs with Just One Seed
Pan Bian Renmin University of China, China, Bin Liang Renmin University of China, China, Jianjun Huang Renmin University of China, China, Wenchang Shi Renmin University of China, China, Xidong Wang Renmin University of China, China, Jian Zhang Institute of Software at Chinese Academy of Sciences, China
|Taking the Middle Path: Learning About Security Through Online Social Interaction
|Conversations on Security
Frederico Araujo IBM T.J. Watson Research Center, New York, USA, Kripa Shanker Indian Institute of Science, Bangalore, Pan Bian Renmin University of China, China, Salah Ghamizi SntT - University of Luxembourg, Tamara Lopez The Open University, Chaima Abid University of Michigan, M: Ben Hermann Technical University Dortmund