7:00 PM, Thursday, 23 June 2016
MIT Room E51-315
Advanced Adaptive Applications (A3): Automated Zero-Day Defense
Aaron Paulos
A3 automates attack recovery to restore service, isolate attack inputs, and diagnose and repair vulnerabilities using filter generation and program repair. A3 is an execution management environment that defends Linux server applications against novel software attacks referred to as zero days. A3 applies targeted runtime mediation and automated workflows to make an application survivable and resilient to attack. A3 is shown to be effective at quickly restoring application functionality after an unknown attack, experimentally reconstructing and isolating the attack using record and replay, and then diagnosing and repairing underlying vulnerabilities using filter generation and program repair. A3 has been jointly evaluated with red teams including, MIT Lincoln Lab, SiGOV, and Sandia National Lab.
We describe the motivation and design of A3, and discuss ongoing research directions. We present results that highlight both the efficacy and efficiency of the technique. Our results are based upon our experiences in defending six unique server applications, ranging from webservers to command and control software.
Mr. Aaron Paulos is a computer scientist at BBN Technologies. Aaron is a principal investigator and technical lead on efforts related to secure and resilient systems that leverage adaptive computing. Prior to BBN, Aaron researched fault tolerance and assistive technologies for the blind at the EE department of Carnegie Mellon University. Aaron has an M.S. from the Information Network Institute at CMU, a B.S. in CS from the University of Pittsburgh, and is a member of ACM and IEEE.
This joint meeting of the Boston Chapter of the IEEE Computer and GBC/ACM will be held in MIT Room E51-315. E51 is the Tang Center on the corner of Wadsworth and Amherst Sts and Memorial Dr.; it's mostly used by the Sloan School. You can see it on this map of the MIT campus. Room 315 is on the 3rd floor.
Up-to-date information about this and other talks is available online at https://ewh.ieee.org/r1/boston/computer/. You can sign up to receive updated status information about this talk and informational emails about future talks at https://mailman.mit.edu/mailman/listinfo/ieee-cs, our self-administered mailing list.
Updated: May 12, 2016.