CT-T: Enabling Collaborative Self-Healing Software Systems

CT-T：实现协作式自我修复软件系统

• 批准号: 0627473
• 负责人: Angelos Keromytis
• 金额: --
• 依托单位: Columbia University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2006
• 资助国家: 美国
• 起止时间: 2006-09-01 至 2011-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0627473&HistoricalAwards=false
• 关键词: CT; Enabling; Collaborative; Self; Healing

Angelos KeromytisColumbia UniversityEnabling Collaborative Self-healing Software Systems0627473Panel P060975AbstractCollaborative Self-healing Systems (COSS) is a new paradigm for protecting software systems. Software monocultures are widely used applications that share common vulnerabilities. Hence, any attack that exploits one instance of a vulnerable application provides the means for wide-spread damage. The emerging concept of collaborative security, wherein independent but cooperative entities form a group to improve their individual security, provides the opportunity to exploit the homogeneity of a software monoculture for collective and mutual protection. Monocultures can be leveraged to improve an application's overall security and reliability. COSS members running independent instances of the same application will continuously exchange information that allows them to collectively identify new application faults and attacks (collaborative monitoring), identify the core vulnerability shared by all instances of the application (vulnerability identification), and to automatically develop, test and apply fixes (heal the application). Identifying the application vulnerability requires potentially substantial costs in instrumentation and monitoring in each application instance. We leverage the size of a COSS to amortize the cost of monitoring the application's behavior on a per-instance basis by distributing the monitoring task across a large population; each instance only monitors a portion of the common application but collectively the entire application is covered. COSS may be viewed as a large-scale, diverse software-testing facility that allows its members to identify how a potentially large and complex host application behaves at a very fine level of granularity. This project develops, prototypes and evaluates technologies for automatically building collaborative, self-securing software systems, enabling reliable and secure commodity software.

Angelos Keromytis哥伦比亚大学启用协作自我修复软件系统0627473面板 P060975抽象协作自我修复系统（COSS）是保护软件系统的新范例。软件单一文化是广泛使用的应用程序，它们具有共同的漏洞。因此，任何利用易受攻击的应用程序实例的攻击都提供了造成广泛损害的手段。新兴的协作安全概念（其中独立但合作的实体组成一个团体来提高其各自的安全性）提供了利用软件单一文化的同质性进行集体和相互保护的机会。可以利用单一培养来提高应用程序的整体安全性和可靠性。运行同一应用程序的独立实例的 COSS 成员将不断交换信息，使它们能够集体识别新的应用程序故障和攻击（协同监控），识别应用程序所有实例共享的核心漏洞（漏洞识别），并自动开发、测试并应用修复（修复应用程序）。识别应用程序漏洞可能需要在每个应用程序实例中进行检测和监控，从而产生大量成本。我们利用 COSS 的大小，通过将监控任务分布到大量人群中来分摊监控每个实例的应用程序行为的成本；每个实例仅监视公共应用程序的一部分，但总体而言整个应用程序都被覆盖。 COSS 可以被视为一个大规模、多样化的软件测试设施，允许其成员以非常精细的粒度级别识别潜在的大型且复杂的主机应用程序的行为方式。该项目开发、原型化和评估自动构建协作、自我安全软件系统的技术，从而实现可靠和安全的商品软件。