Title:
Securing software systems by preventing information leaks
Securing software systems by preventing information leaks
dc.contributor.advisor | Lee, Wenke | |
dc.contributor.advisor | Kim, Taesoo | |
dc.contributor.author | Lu, Kangjie | |
dc.contributor.committeeMember | Backes, Michael | |
dc.contributor.committeeMember | Gao, Debin | |
dc.contributor.committeeMember | Ahamad, Mustaque | |
dc.contributor.committeeMember | Harris, William R. | |
dc.contributor.department | Computer Science | |
dc.date.accessioned | 2017-08-17T19:02:10Z | |
dc.date.available | 2017-08-17T19:02:10Z | |
dc.date.created | 2017-08 | |
dc.date.issued | 2017-07-31 | |
dc.date.submitted | August 2017 | |
dc.date.updated | 2017-08-17T19:02:10Z | |
dc.description.abstract | Foundational software systems such as operating systems and web servers are implemented in unsafe programming languages for efficiency, and system designers often prioritize performance over security. Hence, these systems inherently suffer from a variety of vulnerabilities and insecure designs that have been exploited by adversaries to launch critical system attacks. Two typical goals of these attacks are to leak sensitive data and to control victim systems. This thesis aims to defeat both data leaks and control attacks. We first identify that, in modern systems, preventing information leaks can be a general defense that not only stops data leaks but also defeats control attacks. We then investigate three ways to prevent information leaks: eliminating information-leak vulnerabilities, re-designing system mechanisms against information leaks, and protecting certain sensitive data from information leaks. We have developed multiple tools for each way. While automatically and reliably securing complex systems, all these tools impose negligible performance overhead. Our extensive evaluation results show that preventing information leaks can be a general and practical approach to securing complex software systems. | |
dc.description.degree | Ph.D. | |
dc.format.mimetype | application/pdf | |
dc.identifier.uri | http://hdl.handle.net/1853/58749 | |
dc.language.iso | en_US | |
dc.publisher | Georgia Institute of Technology | |
dc.subject | System security | |
dc.subject | Vulnerability | |
dc.subject | Control-flow attack | |
dc.subject | Information leak | |
dc.subject | ASLR | |
dc.subject | Re-randomization | |
dc.subject | Replicated execution | |
dc.subject | Uninitialized-data use | |
dc.title | Securing software systems by preventing information leaks | |
dc.type | Text | |
dc.type.genre | Dissertation | |
dspace.entity.type | Publication | |
local.contributor.advisor | Lee, Wenke | |
local.contributor.advisor | Kim, Taesoo | |
local.contributor.corporatename | College of Computing | |
local.contributor.corporatename | School of Computer Science | |
relation.isAdvisorOfPublication | c2f2a105-702f-45e4-a8a3-4ca5eb3d0eec | |
relation.isAdvisorOfPublication | e96debb0-758f-49d4-8ed9-307227ecad78 | |
relation.isOrgUnitOfPublication | c8892b3c-8db6-4b7b-a33a-1b67f7db2021 | |
relation.isOrgUnitOfPublication | 6b42174a-e0e1-40e3-a581-47bed0470a1e | |
thesis.degree.level | Doctoral |