USENIX Conference Policies
From STEM to SEAD: Speculative Execution for Automated Defense
Most computer defense systems crash the process that they protect as part of their response to an attack. Although recent research explores the feasibility of self-healing to automatically recover from an attack, self-healing faces some obstacles before it can protect legacy applications and COTS (Commercial Off-The-Shelf) software. Besides the practical issue of not modifying source code, self-healing must know both when to engage and how to guide a repair.
Previous work on a self-healing system, STEM, left these challenges as future work. This paper improves STEM’s capabilities along three lines to provide practical speculative execution for automated defense (SEAD). First, STEM is now applicable to COTS software: it does not require source code, and it imposes a roughly 73% performance penalty on Apache’s normal operation. Second, we introduce repair policy to assist the healing process and improve the semantic correctness of the repair. Finally, STEM can create behavior profiles based on aspects of data and control flow.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Michael E. Locasto and Angelos Stavrou and Gabriela F. Cretu and Angelos D. Keromytis},
title = {From {STEM} to {SEAD}: Speculative Execution for Automated Defense },
booktitle = {2007 USENIX Annual Technical Conference (USENIX ATC 07)},
year = {2007},
address = {Santa Clara, CA},
url = {https://www.usenix.org/conference/2007-usenix-annual-technical-conference/stem-sead-speculative-execution-automated-defense},
publisher = {USENIX Association},
month = jun
}