Automatic Defense through Fault Localization and Dynamic Patch Creation

Hsia Hsiang Chen; Da Qun Zheng; Shih-Kun Huang

doi:10.1109/QRS-C.2016.65

Automatic Defense through Fault Localization and Dynamic Patch Creation

Hsia Hsiang Chen, Da Qun Zheng, Shih-Kun Huang

Center for Information Technology Services

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

The US Department of Defense has called for contest on automatic attack and defense. The contest is a competition, called Cyber Grand Challenge (CGC), aimed at developing cyber security systems. In accordance with the competition rules, we developed an automatic cyber reasoning system (CRS) that meets the objectives specified in the CGC. Our CRS combines the techniques of fuzz testing, fault localization, and binary patch creation to construct an automatic defense system. From the sample problems in the CGC, we evaluate our system and the binary patch capability by applying them to real programs. We explore two patching methods in five challenges in CGC with partial successes in availability and security.

Original language	English
Title of host publication	Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	408-409
Number of pages	2
ISBN (Electronic)	9781509037131
DOIs	https://doi.org/10.1109/QRS-C.2016.65
State	Published - 21 Sep 2016
Event	2nd IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016 - Vienna, Austria Duration: 1 Aug 2016 → 3 Aug 2016

Publication series

Name	Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016

Conference

Conference	2nd IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016
Country/Territory	Austria
City	Vienna
Period	1/08/16 → 3/08/16

Keywords

Cyber Grand Challenge (CGC)
binary patch
cyber reasoning system (CRS)
fault localization
fuzz testing

Access to Document

10.1109/QRS-C.2016.65

Cite this

Chen, H. H., Zheng, D. Q., & Huang, S.-K. (2016). Automatic Defense through Fault Localization and Dynamic Patch Creation. In Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016 (pp. 408-409). Article 7573780 (Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/QRS-C.2016.65

Chen, Hsia Hsiang ; Zheng, Da Qun ; Huang, Shih-Kun. / Automatic Defense through Fault Localization and Dynamic Patch Creation. Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016. Institute of Electrical and Electronics Engineers Inc., 2016. pp. 408-409 (Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016).

@inproceedings{5446e1db39ce415ca21ffbfb455876d4,

title = "Automatic Defense through Fault Localization and Dynamic Patch Creation",

abstract = "The US Department of Defense has called for contest on automatic attack and defense. The contest is a competition, called Cyber Grand Challenge (CGC), aimed at developing cyber security systems. In accordance with the competition rules, we developed an automatic cyber reasoning system (CRS) that meets the objectives specified in the CGC. Our CRS combines the techniques of fuzz testing, fault localization, and binary patch creation to construct an automatic defense system. From the sample problems in the CGC, we evaluate our system and the binary patch capability by applying them to real programs. We explore two patching methods in five challenges in CGC with partial successes in availability and security.",

keywords = "Cyber Grand Challenge (CGC), binary patch, cyber reasoning system (CRS), fault localization, fuzz testing",

author = "Chen, {Hsia Hsiang} and Zheng, {Da Qun} and Shih-Kun Huang",

year = "2016",

month = sep,

day = "21",

doi = "10.1109/QRS-C.2016.65",

language = "English",

series = "Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "408--409",

booktitle = "Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016",

address = "美國",

note = "2nd IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016 ; Conference date: 01-08-2016 Through 03-08-2016",

}

Chen, HH, Zheng, DQ & Huang, S-K 2016, Automatic Defense through Fault Localization and Dynamic Patch Creation. in Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016., 7573780, Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016, Institute of Electrical and Electronics Engineers Inc., pp. 408-409, 2nd IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016, Vienna, Austria, 1/08/16. https://doi.org/10.1109/QRS-C.2016.65

Automatic Defense through Fault Localization and Dynamic Patch Creation. / Chen, Hsia Hsiang; Zheng, Da Qun; Huang, Shih-Kun.
Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016. Institute of Electrical and Electronics Engineers Inc., 2016. p. 408-409 7573780 (Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Automatic Defense through Fault Localization and Dynamic Patch Creation

AU - Chen, Hsia Hsiang

AU - Zheng, Da Qun

AU - Huang, Shih-Kun

PY - 2016/9/21

Y1 - 2016/9/21

N2 - The US Department of Defense has called for contest on automatic attack and defense. The contest is a competition, called Cyber Grand Challenge (CGC), aimed at developing cyber security systems. In accordance with the competition rules, we developed an automatic cyber reasoning system (CRS) that meets the objectives specified in the CGC. Our CRS combines the techniques of fuzz testing, fault localization, and binary patch creation to construct an automatic defense system. From the sample problems in the CGC, we evaluate our system and the binary patch capability by applying them to real programs. We explore two patching methods in five challenges in CGC with partial successes in availability and security.

AB - The US Department of Defense has called for contest on automatic attack and defense. The contest is a competition, called Cyber Grand Challenge (CGC), aimed at developing cyber security systems. In accordance with the competition rules, we developed an automatic cyber reasoning system (CRS) that meets the objectives specified in the CGC. Our CRS combines the techniques of fuzz testing, fault localization, and binary patch creation to construct an automatic defense system. From the sample problems in the CGC, we evaluate our system and the binary patch capability by applying them to real programs. We explore two patching methods in five challenges in CGC with partial successes in availability and security.

KW - Cyber Grand Challenge (CGC)

KW - binary patch

KW - cyber reasoning system (CRS)

KW - fault localization

KW - fuzz testing

UR - http://www.scopus.com/inward/record.url?scp=84991807860&partnerID=8YFLogxK

U2 - 10.1109/QRS-C.2016.65

DO - 10.1109/QRS-C.2016.65

M3 - Conference contribution

AN - SCOPUS:84991807860

T3 - Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016

SP - 408

EP - 409

BT - Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 2nd IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016

Y2 - 1 August 2016 through 3 August 2016

ER -

Chen HH, Zheng DQ, Huang SK. Automatic Defense through Fault Localization and Dynamic Patch Creation. In Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016. Institute of Electrical and Electronics Engineers Inc. 2016. p. 408-409. 7573780. (Proceedings - 2016 IEEE International Conference on Software Quality, Reliability and Security-Companion, QRS-C 2016). doi: 10.1109/QRS-C.2016.65

Automatic Defense through Fault Localization and Dynamic Patch Creation

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this