{"title":"演示:数据泄漏的动态中和","authors":"Kirill Kononenko","doi":"10.1145/2801694.2802141","DOIUrl":null,"url":null,"abstract":"The security of hardware-software systems is at risk from a wide range of attack vectors that appear at various stages during the execution of machine code. The existing approaches for repairing software defects have numerous restrictions with respect to their applicability and functionality and to the range of vulnerabilities that can be identified and eliminated. We propose an approach for removing software errors in program code that is based on just-in-time compilation in a virtual execution environment. The virtual environment uses static, dynamic, and hybrid analyses of the intermediate representation of vulnerable code and re-compiles such code to be safe. The language of code annotations allows us to manage static and dynamic analyses and code transformations. We can change the level of analysis and the amount of time spent on such analyses by dynamically adapting the precision.","PeriodicalId":62224,"journal":{"name":"世界中学生文摘","volume":"52 1","pages":""},"PeriodicalIF":0.0000,"publicationDate":"2015-09-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Demo: Dynamic Neutralization of Data Leakages\",\"authors\":\"Kirill Kononenko\",\"doi\":\"10.1145/2801694.2802141\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The security of hardware-software systems is at risk from a wide range of attack vectors that appear at various stages during the execution of machine code. The existing approaches for repairing software defects have numerous restrictions with respect to their applicability and functionality and to the range of vulnerabilities that can be identified and eliminated. We propose an approach for removing software errors in program code that is based on just-in-time compilation in a virtual execution environment. The virtual environment uses static, dynamic, and hybrid analyses of the intermediate representation of vulnerable code and re-compiles such code to be safe. The language of code annotations allows us to manage static and dynamic analyses and code transformations. We can change the level of analysis and the amount of time spent on such analyses by dynamically adapting the precision.\",\"PeriodicalId\":62224,\"journal\":{\"name\":\"世界中学生文摘\",\"volume\":\"52 1\",\"pages\":\"\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-09-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"世界中学生文摘\",\"FirstCategoryId\":\"90\",\"ListUrlMain\":\"https://doi.org/10.1145/2801694.2802141\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"世界中学生文摘","FirstCategoryId":"90","ListUrlMain":"https://doi.org/10.1145/2801694.2802141","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
The security of hardware-software systems is at risk from a wide range of attack vectors that appear at various stages during the execution of machine code. The existing approaches for repairing software defects have numerous restrictions with respect to their applicability and functionality and to the range of vulnerabilities that can be identified and eliminated. We propose an approach for removing software errors in program code that is based on just-in-time compilation in a virtual execution environment. The virtual environment uses static, dynamic, and hybrid analyses of the intermediate representation of vulnerable code and re-compiles such code to be safe. The language of code annotations allows us to manage static and dynamic analyses and code transformations. We can change the level of analysis and the amount of time spent on such analyses by dynamically adapting the precision.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
