MINESTRONE: Identifying and containing
software vulnerabilities

MINESTRONE logo
 
Back to MINESTRONE
 
AFRL

REASSURE: A Self-contained Mechanism for Healing Software Using Rescue Points

Software failures in server applications are a significant problem for preserving system availability. ASSURE introduced rescue points to recover software from unknown faults, while maintaining both system integrity and availability, by mimicking system behavior under known error conditions.

Rescue points are locations in existing application code for handling a given set of programmer-anticipated failures, which are automatically repurposed and tested for safely enabling fault recovery from a larger class of (unanticipated) faults.

Rescue Point
Example of rescue point

REASSURE builds on Intel's Pin DBI framework to provide a self-containted mechanism to head software using rescue points. Rescue points can be identified and tested as before, and finally deployed using Pin and REASSURE. This new approach does not require special kernel support, and can be applied on already deployed binaries simply be installing Pin, and attaching it to the faulty application.

People

Prof. Angelos Keromytis, Columbia University
Georgios Portokalidis, Columbia University

Related papers

REASSURE: A Self-contained Mechanism for Healing Software Using Rescue Points
Georgios Portokalidis and Angelos D. Keromytis
In the Proceedings 6th International Workshop on Security (IWSEC2011), November 2011.

Latest News

07/11/11
Our paper "REASSURE: A Self-contained Mechanism for Healing Software Using Rescue Points" is to appear in the 6th International Workshop on Security (IWSEC2011).
This work is supported by the United States Air Force Research Laboratory (AFRL) through Contract FA8650-10-C-7024. Opinions, findings, conclusions and recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the US Government, or the Air Force.