Title:
Securing software systems by preventing information leaks

dc.contributor.advisor Lee, Wenke
dc.contributor.advisor Kim, Taesoo
dc.contributor.author Lu, Kangjie
dc.contributor.committeeMember Backes, Michael
dc.contributor.committeeMember Gao, Debin
dc.contributor.committeeMember Ahamad, Mustaque
dc.contributor.committeeMember Harris, William R.
dc.contributor.department Computer Science
dc.date.accessioned 2017-08-17T19:02:10Z
dc.date.available 2017-08-17T19:02:10Z
dc.date.created 2017-08
dc.date.issued 2017-07-31
dc.date.submitted August 2017
dc.date.updated 2017-08-17T19:02:10Z
dc.description.abstract Foundational software systems such as operating systems and web servers are implemented in unsafe programming languages for efficiency, and system designers often prioritize performance over security. Hence, these systems inherently suffer from a variety of vulnerabilities and insecure designs that have been exploited by adversaries to launch critical system attacks. Two typical goals of these attacks are to leak sensitive data and to control victim systems. This thesis aims to defeat both data leaks and control attacks. We first identify that, in modern systems, preventing information leaks can be a general defense that not only stops data leaks but also defeats control attacks. We then investigate three ways to prevent information leaks: eliminating information-leak vulnerabilities, re-designing system mechanisms against information leaks, and protecting certain sensitive data from information leaks. We have developed multiple tools for each way. While automatically and reliably securing complex systems, all these tools impose negligible performance overhead. Our extensive evaluation results show that preventing information leaks can be a general and practical approach to securing complex software systems.
dc.description.degree Ph.D.
dc.format.mimetype application/pdf
dc.identifier.uri http://hdl.handle.net/1853/58749
dc.language.iso en_US
dc.publisher Georgia Institute of Technology
dc.subject System security
dc.subject Vulnerability
dc.subject Control-flow attack
dc.subject Information leak
dc.subject ASLR
dc.subject Re-randomization
dc.subject Replicated execution
dc.subject Uninitialized-data use
dc.title Securing software systems by preventing information leaks
dc.type Text
dc.type.genre Dissertation
dspace.entity.type Publication
local.contributor.advisor Lee, Wenke
local.contributor.advisor Kim, Taesoo
local.contributor.corporatename College of Computing
local.contributor.corporatename School of Computer Science
relation.isAdvisorOfPublication c2f2a105-702f-45e4-a8a3-4ca5eb3d0eec
relation.isAdvisorOfPublication e96debb0-758f-49d4-8ed9-307227ecad78
relation.isOrgUnitOfPublication c8892b3c-8db6-4b7b-a33a-1b67f7db2021
relation.isOrgUnitOfPublication 6b42174a-e0e1-40e3-a581-47bed0470a1e
thesis.degree.level Doctoral
Files
Original bundle
Now showing 1 - 1 of 1
Thumbnail Image
Name:
LU-DISSERTATION-2017.pdf
Size:
1.71 MB
Format:
Adobe Portable Document Format
Description:
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
LICENSE.txt
Size:
3.86 KB
Format:
Plain Text
Description: