Survivor: A Fine-Grained Intrusion Response and Recovery Approach for Commodity Operating Systems

Ronny chevalier le

Lieu: bât. 862, pièce 1073

Despite the deployment of preventive security mechanisms to protect the assets and computing platforms of users, intrusions eventually occur. In this talk, we will present a paper that we published at ACSAC’19 (https://www.acsac.org/) describing an approach to to make our operating systems (OSs) and applications more resilient so that they can survive intrusions. We will present the state-of-the-art solutions and why our OSs can detect but cannot survive intrusions. Then, we will present our approach that relies on an orchestration of recovery and per-service responses (e.g., privileges removal) that may put the system into a degraded mode. This mode minimizes the availability impact on the system and its functions while maximizing its security, allowing the system to wait for patches to be deployed. Finally, we will present our Linux-based prototype, how we evaluated our approach, and we will conclude with some ideas about future work.

Survivor: A Fine-Grained Intrusion Response and Recovery Approach for Commodity Operating Systems

Ronny chevalier le var d = new Date(1585056600000); document.getElementById("date").innerHTML = d.toLocaleString();

Ronny chevalier le