Return Value Predictability Profiles for Self–healing

Michael E. Locasto; Angelos Stavrou; Gabriela F. Cretu; Angelos D. Keromytis; Salvatore Stolfo

Return Value Predictability Profiles for Self–healing
Locasto, Michael E.
Stavrou, Angelos
Cretu, Gabriela F.
Keromytis, Angelos D.
Stolfo, Salvatore
Computer Science
Persistent URL:
Part Number:
Book/Journal Title:
Advances in Information and Computer Security: Third International Workshop on Security, IWSEC 2008, Kagawa, Japan, November 25-27, 2008: Proceedings
Book Author:
Matsuura, Kanta
Publisher Location:
New York
Current embryonic attempts at software self–healing produce mechanisms that are often oblivious to the semantics of the code they supervise. We believe that, in order to help inform runtime repair strategies, such systems require a more detailed analysis of dynamic application behavior. We describe how to profile an application by analyzing all function calls (including library and system) made by a process. We create predictability profiles of the return values of those function calls. Self–healing mechanisms that rely on a transactional approach to repair (that is, rolling back execution to a known safe point in control flow or slicing off the current function sequence) can benefit from these return value predictability profiles. Profiles built for the applications we tested can predict behavior with 97% accuracy given a context window of 15 functions. We also present a survey of the distribution of actual return values for real software as well as a novel way of visualizing both the macro and micro structure of the return value distributions. Our system helps demonstrate the feasibility of combining binary–level behavior profiling with self–healing repairs.
Computer science
Publisher DOI:
Item views
text | xml
Suggested Citation:
Michael E. Locasto, Angelos Stavrou, Gabriela F. Cretu, Angelos D. Keromytis, Salvatore Stolfo, , Return Value Predictability Profiles for Self–healing, Columbia University Academic Commons, .

Columbia University Libraries | Policies | FAQ