Rapid Vulnerability Mitigation with Security Workarounds | Zendy

Zhen Huang | Zendy; Gang Tan | Zendy

AI Assistant Blog Pricing

Home ZAIA Blog

Open Access

Rapid Vulnerability Mitigation with Security Workarounds

Author(s) -

Zhen Huang,

Gang Tan

Publication year - 2019

Language(s) - English

Resource type - Conference proceedings

DOI - 10.14722/bar.2019.23052

Subject(s) - workaround , vulnerability (computing) , computer science , vulnerability assessment , computer security , risk analysis (engineering) , business , medicine , programming language , psychiatry , psychological intervention

The existence of pre-patch windows allows adversaries to exploit vulnerabilities before they are patched. Prior work has proposed to harden programs with security workarounds to enable users to mitigate vulnerabilities before a patch is available. However, it requires access to the source code of the programs. This paper introduces RVM, an approach to automatically hardening binary code with security workarounds. RVM statically analyzes binary code of programs to identify error-handling code in the programs, in order to synthesize security workarounds. We designed and implemented a prototype of RVM for Windows and Linux binaries. We evaluate the coverage and performance of RVM on binaries of popular Windows and Linux applications containing real-world vulnerabilities.

The content you want is available to Zendy users.

Already have an account? Click here to sign in.

Having issues? You can contact us here

Accelerating Research