Towards a science for adaptive defense: Revisit server protection

Zhisheng Hu, Ping Chen, Yang Lu, Minghui Zhu, Peng Liu

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Citation (Scopus)

Abstract

Suffering from the big "hit" by the Heartbleed attack, the society has learned one hard lesson, namely, the severity of zero-day continuous buffer over-read attacks. According to a survey on Heartbleed, 24-55% of HTTPS servers in the Alexa Top 1 Million were initially vulnerable to Heartbleed, including 44 of the Alexa Top 100. The Heartbleed attack is continuous buffer over-read: it usually lasts several hours, involving hundreds of thousands of probing (buffer over-read) requests. In most cases, a short period of time is insufficient for the attacker to achieve his/her goal. This paper presents our recent work on the development of adaptive defense systems which can practically defend against zero-day continuous buffer overread attacks; i.e., Heartbleed-like attacks and data structure manipulation attacks, and meanwhile whose cost-effectiveness is mathematically provable.

Original language: English (US)
Title of host publication: Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 112-121
Number of pages: 10
ISBN (Electronic): 9781509046072
DOIs: https://doi.org/10.1109/CIC.2016.25
State: Published - Jan 6 2017
Event: 2nd IEEE International Conference on Collaboration and Internet Computing, IEEE CIC 2016 - Pittsburgh, United States
Duration: Nov 1 2016 to Nov 3 2016

Publication series

Name: Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016

Other

Other: 2nd IEEE International Conference on Collaboration and Internet Computing, IEEE CIC 2016
Country: United States
City: Pittsburgh
Period: 11/1/16 to 11/3/16

Fingerprint

Cost effectiveness
manipulation
Data structures
Servers
costs
science
Society
time

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Sociology and Political Science

Cite this

Hu, Z., Chen, P., Lu, Y., Zhu, M., & Liu, P. (2017). Towards a science for adaptive defense: Revisit server protection. In Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016 (pp. 112-121). [7809698] (Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016). Institute of Electrical and Electronics Engineers Inc. https://doi.org/10.1109/CIC.2016.25
Hu, Zhisheng ; Chen, Ping ; Lu, Yang ; Zhu, Minghui ; Liu, Peng. / Towards a science for adaptive defense : Revisit server protection. Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 112-121 (Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016).
@inproceedings{d1753df9db0b466999a0b8b1cdb4182a,
title = "Towards a science for adaptive defense: Revisit server protection",
abstract = "Suffering from the big {"}hit{"} by the Heartbleed attack, the society has learned one hard lesson, namely, the severity of zero-day continuous buffer over-read attacks. According to a survey on Heartbleed, 24-55{\%} of HTTPS servers in the Alexa Top 1 Million were initially vulnerable to Heartbleed, including 44 of the Alexa Top 100. The Heartbleed attack is continuous buffer over-read: it usually lasts several hours, involving hundreds of thousands of probing (buffer over-read) requests. In most cases, a short period of time is insufficient for the attacker to achieve his/her goal. This paper presents our recent work on the development of adaptive defense systems which can practically defend against zero-day continuous buffer overread attacks; i.e., Heartbleed-like attacks and data structure manipulation attacks, and meanwhile whose cost-effectiveness is mathematically provable.",
author = "Zhisheng Hu and Ping Chen and Yang Lu and Minghui Zhu and Peng Liu",
year = "2017",
month = "1",
day = "6",
doi = "10.1109/CIC.2016.25",
language = "English (US)",
series = "Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "112--121",
booktitle = "Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016",
address = "United States",

}

Hu, Z, Chen, P, Lu, Y, Zhu, M & Liu, P 2017, Towards a science for adaptive defense: Revisit server protection. in Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016., 7809698, Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016, Institute of Electrical and Electronics Engineers Inc., pp. 112-121, 2nd IEEE International Conference on Collaboration and Internet Computing, IEEE CIC 2016, Pittsburgh, United States, 11/1/16. https://doi.org/10.1109/CIC.2016.25

Towards a science for adaptive defense : Revisit server protection. / Hu, Zhisheng; Chen, Ping; Lu, Yang; Zhu, Minghui; Liu, Peng.

Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016. Institute of Electrical and Electronics Engineers Inc., 2017. p. 112-121 7809698 (Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016).


TY - GEN
T1 - Towards a science for adaptive defense
T2 - Revisit server protection
AU - Hu, Zhisheng
AU - Chen, Ping
AU - Lu, Yang
AU - Zhu, Minghui
AU - Liu, Peng
PY - 2017/1/6
Y1 - 2017/1/6

N2 - Suffering from the big "hit" by the Heartbleed attack, the society has learned one hard lesson, namely, the severity of zero-day continuous buffer over-read attacks. According to a survey on Heartbleed, 24-55% of HTTPS servers in the Alexa Top 1 Million were initially vulnerable to Heartbleed, including 44 of the Alexa Top 100. The Heartbleed attack is continuous buffer over-read: it usually lasts several hours, involving hundreds of thousands of probing (buffer over-read) requests. In most cases, a short period of time is insufficient for the attacker to achieve his/her goal. This paper presents our recent work on the development of adaptive defense systems which can practically defend against zero-day continuous buffer overread attacks; i.e., Heartbleed-like attacks and data structure manipulation attacks, and meanwhile whose cost-effectiveness is mathematically provable.

AB - Suffering from the big "hit" by the Heartbleed attack, the society has learned one hard lesson, namely, the severity of zero-day continuous buffer over-read attacks. According to a survey on Heartbleed, 24-55% of HTTPS servers in the Alexa Top 1 Million were initially vulnerable to Heartbleed, including 44 of the Alexa Top 100. The Heartbleed attack is continuous buffer over-read: it usually lasts several hours, involving hundreds of thousands of probing (buffer over-read) requests. In most cases, a short period of time is insufficient for the attacker to achieve his/her goal. This paper presents our recent work on the development of adaptive defense systems which can practically defend against zero-day continuous buffer overread attacks; i.e., Heartbleed-like attacks and data structure manipulation attacks, and meanwhile whose cost-effectiveness is mathematically provable.

UR - http://www.scopus.com/inward/record.url?scp=85013141215&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85013141215&partnerID=8YFLogxK
U2 - 10.1109/CIC.2016.25
DO - 10.1109/CIC.2016.25
M3 - Conference contribution
AN - SCOPUS:85013141215
T3 - Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016
SP - 112
EP - 121
BT - Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016
PB - Institute of Electrical and Electronics Engineers Inc.
ER -

Hu Z, Chen P, Lu Y, Zhu M, Liu P. Towards a science for adaptive defense: Revisit server protection. In Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016. Institute of Electrical and Electronics Engineers Inc. 2017. p. 112-121. 7809698. (Proceedings - 2016 IEEE 2nd International Conference on Collaboration and Internet Computing, IEEE CIC 2016). https://doi.org/10.1109/CIC.2016.25