Process recovery by rollback and input modification Online publication date: Wed, 01-Jul-2015
by Yoshihiro Oyama; Takaaki Tomiyama
International Journal of Communication Networks and Distributed Systems (IJCNDS), Vol. 15, No. 1, 2015
Abstract: An effective countermeasure against software vulnerability attacks is a security system that executes a process in a confined or monitored environment. This type of security system isolates compromised software from other software and thus minimises the influence of attacks. However, several problems occur when a security system, without taking any other action, terminates a process that violates a security policy or encounters a fault. In this paper, we propose ProcHealer, a security system that does not terminate the offending process, but instead rolls it back to the pre-violation or pre-fault state where the process can be restarted and remediated. Security policy violations and faults are often caused by anomalous external inputs. In the restarted execution, ProcHealer therefore provides the process with a modified version of the external input.
Existing subscribers:
Go to Inderscience Online Journals to access the Full Text of this article.
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Communication Networks and Distributed Systems (IJCNDS):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email subs@inderscience.com