Browsing by Author "Gonzalez, Robin"
Now showing 1 - 2 of 2
Results Per Page
Sort Options
- ItemOpen AccessClassifying the Data Semantics of Patches(2013-09-04) Locasto, Michael; Gonzalez, RobinPatching software remains a key defensive technique for mitigating flaws and vulnerabilities. Patches, however, entail complications that are hard to predict. Patches can be incomplete or incorrect, thereby not fully addressing the targeted flaw or introducing new bugs and unintended behavior. System administrators and owners are often at a loss to assess the risk that applying a patch might carry. Without a lengthy evaluation, they cannot predict how the patch will behave in or affect their environment. Such obstacles often prevent the use of hot patching or dynamic software updating. One major obstacle to hot patching arises from the desynchronization of existing data with the patch’s new code semantics. This paper adopts a machine learning approach to assist this kind of prediction: whether the patch contains elements that are likely to cause problems if the patch is applied to the running system. We drive this automated assessment (based on a Support Vector Machine) via an analysis of the control and data modification operations in the patch. Our SVM classifies a set of 25 unlabeled patches with 92% accuracy. As a baseline, it also classifies its testing set of 50 patches (blindly, without labels) with 84% accuracy.
- ItemOpen AccessDPL: A Data Patching Language(2014-02-05) Gonzalez, Robin; Locasto, MichaelPatching applications remains one of the most effective techniques for defending against exploitation of vulnerabilities and is a basic defensive mechanisms against attacks. However, it entails unwanted complications for the user, such as restarting the application after it gets patched. Restarting the application influences the user to stop updating applications and operating systems, making out of date software that presents an attractive target for exploitation. Even though many authors address this issue by proposing frameworks and tools for applying these patches {\it on the fly}, most modern systems and applications do not implement this technique. One of the biggest challenges for mainstreaming this technique is the fact that patches not only change source code but also the state or semantics of the application. This thesis proposes a mechanism that aids the activity of hot patching applications by updating its data semantics while dynamically applying a patch. More precisely, the mechanism updates the data structures of an application according to what a patch entails by making sure that the application's state is updated according to the new semantics introduced by the patch. For this, we present a proof of concept of a framework that is capable of patching the data semantics (i.e., data structure modifications according to a security patch) of an application. This thesis explores the question of what makes a patch feasible for hot--patching according to how it modifies the semantics of an application. We also study the application of machine learning algorithms to predict patches that were considered to be feasible for hot--patching based on an empirical study. We also explain the design and implementation of a proof of concept capable of hot--patching data structures of applications. As in many other scientific studies, we found that there is a subset of patches that we are not able to use for hot--patching because of the operations they are introducing. By studying this subset of patches, we learned that certain data operations introduce changes in the control flow that can create conflicts when hot--patching. We explain what type of operations defined a patch to be infeasible -- according to our heuristics -- and we hot--patched the statements that we found to be feasible. Our system is capable of hot--patching different types of data structures according to the aforementioned feasible operations with a very low performance overhead. At the end, we present the evaluation and results of our investigation. We learned that 13 out of 75 security patches that modify data structures are not feasible to implement using our heuristics, making them difficult to update because of the semantics the patch introduces. On the other hand, we found 38 out of 75 security patches feasible to implement by using our set of data operations and the remaining 24 were not modifying data semantics. In conclusion, we found that, if patch developers are aware of the type of statements that introduce conflicts when hot--patching, they could make hot--patching a feasible activity.