Towards an approach for automatically repairing compromised network systems

Towards an approach for automatically repairing compromised network systems

The widely accepted method to repair a compromised system is to wipe the system clean and reinstall. We think that there may be alternative methods. Specifically, we envision systems that are capable of automatically recovering from system compromises. Our proposed approach is a repair agent that re...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Grizzard, J.B., Krasser, S., Owen, H.L., Conti, G.J., Dodson, E.R.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
Application software
Computer applications
Computer errors
Computer networks
Educational institutions
Hardware
Humans
Kernel
Operating systems
Virtual machining
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The widely accepted method to repair a compromised system is to wipe the system clean and reinstall. We think that there may be alternative methods. Specifically, we envision systems that are capable of automatically recovering from system compromises. Our proposed approach is a repair agent that resides in an isolated area on the system. We use a virtual machine approach to isolate the repair agent. The repair agent should roll back any undesirable changes, determine the point of entry, and prevent further compromise.
DOI:10.1109/NCA.2004.1347806