Protecting Your Local Host
From Remote Security Attacks

Overview

A New View

DynInst: Dynamic Instrumentation

Condor Attack: Lurking Jobs

Condor Attack: Lurking Jobs

Condor Attack: Lurking Jobs

Condor Attack: Lurking Jobs

Condor Attack: Lurking Jobs

Condor Attack: Lurking Jobs

Condor Attack: Lurking Jobs

Can We Safely Execute
Our Jobs Remotely?

Countering Remote Attacks

Execution Monitoring

Execution Monitoring

Execution Monitoring

Model Construction

Control Flow Graph
Generation

Control Flow Graph
Translation

Interprocedural Model
Generation

Interprocedural Model
Generation

Interprocedural Model
Generation

Interprocedural Model
Generation

Interprocedural Model
Generation

Possible
Paths

Possible
Paths

Impossible
Paths

Impossible
Paths

Adding Context
Sensitivity

Rewriting User Job

Null Call
Insertion

Null Call
Insertion

Call Site Renaming

Call Site Renaming

Call Site Renaming

Call Site Renaming

Call Site Renaming

Prototype Implementation

Test Programs

Precision Metric

Slide 41

Null Call Costs:
Monitoring Overhead & Bandwidth

Slide 43

Important Ideas

Protecting Your Local Host
From Remote Security Attacks