Automatic Defense Through Fault Localization and Dynamic Patch Creation

doi:10.1109/QRS-C.2016.65

Title:	Automatic Defense Through Fault Localization and Dynamic Patch Creation
Authors:	Chen, Hsia-Hsiang Zheng, Da-Qun Huang, Shih-Kun 資訊工程學系資訊技術服務中心 Department of Computer Science Information Technology Services Center
Keywords:	Cyber Grand Challenge (CGC);cyber reasoning system (CRS);fuzz testing;fault localization;binary patch
Issue Date:	2016
Abstract:	The US Department of Defense has called for contest on automatic attack and defense. The contest is a competition, called Cyber Grand Challenge (CGC), aimed at developing cyber security systems. In accordance with the competition rules, we developed an automatic cyber reasoning system (CRS) that meets the objectives specified in the CGC. Our CRS combines the techniques of fuzz testing, fault localization, and binary patch creation to construct an automatic defense system. From the sample problems in the CGC, we evaluate our system and the binary patch capability by applying them to real programs. We explore two patching methods in five challenges in CGC with partial successes in availability and security.
URI:	http://dx.doi.org/10.1109/QRS-C.2016.65 http://hdl.handle.net/11536/136259
ISBN:	978-1-5090-3713-1
DOI:	10.1109/QRS-C.2016.65
Journal:	2016 IEEE INTERNATIONAL CONFERENCE ON SOFTWARE QUALITY, RELIABILITY AND SECURITY COMPANION (QRS-C 2016)
Begin Page:	408
End Page:	409
Appears in Collections:	Conferences Paper