Exniffer: Learning to Prioritize Crashes by Assessing the Exploitability from Memory Dump

机译：Exniffer：通过评估内存转储的可利用性来学习确定崩溃的优先级

获取原文

页面导航

摘要
著录项
相似文献
相关主题

摘要

An important component of software reliability is the assurance of certain security guarantees, such as absence of low-level bugs that may result in code exploitation, for example. A program crash is an early indicator of possible errors in the program like memory corruption, access violation or division by zero. In particular, a crash may indicate the presence of safety or security critical errors. A safety-error crash does not result in any exploitable condition, whereas a security-error crash allows an attacker to exploit a vulnerability. However, distinguishing one from the other is a non-trivial task. This exacerbates the problem in cases where we get hundreds of crashes and programmers have to make choices which crash to patch first! In this work, we present a technique to identify security critical crashes by applying machine learning on a set of features derived from core-dump files and runtime information obtained from hardware assisted monitoring such as the last branch record (LBR) register. We implement the proposed technique in a prototype called Exniffer. Our empirical results, obtained by experimenting Exniffer on several crashes on real-world applications show that proposed technique is able to classify a given crash as exploitable or not-exploitable with high accuracy.

机译：软件可靠性的重要组成部分是某些安全保证的保证，例如，缺少可能导致代码利用的低级错误。程序崩溃是程序中可能出现错误的早期指示，例如内存损坏，访问冲突或被零除。特别是，崩溃可能表明存在安全性或安全性严重错误。安全错误崩溃不会导致任何可利用的状况，而安全错误崩溃则使攻击者能够利用漏洞。但是，将一个与另一个区分开是一项艰巨的任务。如果我们遇到数百起崩溃，而程序员不得不选择首先要修复的崩溃，这会加剧该问题！在这项工作中，我们提出了一种技术，该技术通过将机器学习应用于从核心转储文件衍生的一组功能以及从硬件辅助监视（例如最后分支记录（LBR）寄存器）获得的运行时信息来识别安全关键崩溃。我们在名为Exniffer的原型中实现了建议的技术。通过对Exniffer在现实应用中的几次崩溃进行实验获得的经验结果表明，所提出的技术能够将给定的崩溃以高准确度分类为可利用或不可利用的崩溃。

著录项

来源
《Asia-Pacific Software Engineering Conference》|2017年|239-248|共10页
会议地点
作者
Shubham Tripathi; Gustavo Grieco; Sanjay Rawat;
展开▼
作者单位

展开▼
会议组织
原文格式 PDF
正文语种
中图分类
关键词
Feature extraction; Computer bugs; Registers; Runtime; Security; Hardware;

机译：功能提取;计算机错误;寄存器;运行时;安全性;硬件;

相似文献

外文文献
中文文献
专利

1. Which Crashes Should I Fix First?: Predicting Top Crashes at an Early Stage to Prioritize Debugging Efforts [J] . Kim Dongsun, Wang Xinming, Kim Sunghun, Software Engineering, IEEE Transactions on . 2011,第3期

机译：我应该首先修复哪些崩溃？：尽早预测主要崩溃，优先安排调试工作
2. Storage and Processing in Working Memory: Assessing Dual-Task Performance and Task Prioritization Across the Adult Lifespan [J] . Rhodes Stephen, Jaroslawska Agnieszka J., Doherty Jason M., Journal of Experimental Psychology. General . 2019,第7期

机译：工作内存中的存储和处理：在成人寿命中评估双任务性能和任务优先级
3. Assessing and Prioritizing Affecting Factors in E-Learning Websites Using AHP Method and Fuzzy Approach [J] . Mehrbakhsh Nilashi, Nasim Janahmadi Information and Knowledge Management . 2012,第1期

机译：运用AHP和模糊方法评估和排序电子学习网站中的影响因素。
4. Exniffer: Learning to Prioritize Crashes by Assessing the Exploitability from Memory Dump [C] . Shubham Tripathi, Gustavo Grieco, Sanjay Rawat Asia-Pacific Software Engineering Conference . 2017

机译：exniffer：通过评估来自内存转储的可利用性来学习优先级崩溃
5. Default hierarchy formation and memory exploitation in learning classifier systems. [D] . Smith, Robert Elliott. 1991

机译：学习分类器系统中的默认层次结构形成和内存开发。
6. Ochrobactrum sp. MPV1 from a dump of roasted pyrites can be exploited as bacterial catalyst for the biogenesis of selenium and tellurium nanoparticles [O] . Emanuele Zonaro, Elena Piacenza, Alessandro Presentato, 2017

机译：ch骨菌属可以将烤黄铁矿堆中的MPV1用作硒和碲纳米粒子生物发生的细菌催化剂
7. Proposal of a Monitoring System for Collaborative Robots to Predict Outages and to Assess Reliability Factors Exploiting Machine Learning [O] . Khurshid Aliev, Dario Antonelli 2021

机译：协作机器人监测系统的提议预测停电并评估利用机器学习的可靠性因素
8. Distraction in Commercial Trucks and Buses: Assessing Prevalence and Risk in Conjunction with Crashes and Near-Crashes. Final Report. (September 2009-April 2010) [R] . Hickman, J. S., Hanowski, R. J., Bocanegra, J. 2010

机译：商用卡车和公共汽车的分心：评估与崩溃和近崩溃相关的流行和风险。总结报告。（2009年9月至2010年4月）

Exniffer: Learning to Prioritize Crashes by Assessing the Exploitability from Memory Dump

摘要

著录项

相似文献

相关主题

期刊订阅