Home // ADAPTIVE 2014, The Sixth International Conference on Adaptive and Self-Adaptive Systems and Applications // View article

Automated Fault Analysis and Filter Generation for Adaptive Cybersecurity

Authors:
David Musliner
Scott Friedman
Jeffrey Rye

Keywords: cyber defense; automatic filter generation

Abstract:
We are developing the FUZZBUSTER system to auto- matically identify software vulnerabilities and create adaptations that shield or repair those vulnerabilities before attackers can exploit them. Adaptive cybersecurity involves efficiently improving software security to minimize the window of attack, and also preserving software functionality as much as possible. This paper presents new tools that have been integrated into FUZZBUSTER adaptive cybersecurity. These tools produce more general, accurate adaptations, increase the efficiency of FUZZBUSTER’s diagnoses and adaptation operations, and preserve the software’s functionality. We report the results of FUZZBUSTER’s analysis of 16 fault-injected command-line binaries and six previously known bugs in the Apache web server. We compare results over different configurations of FUZZBUSTER to characterize the benefits of the new fuzz-testing tools.

Pages: 56 to 62

Copyright: Copyright (c) IARIA, 2014

Publication date: May 25, 2014

Published in: conference

ISSN: 2308-4146

ISBN: 978-1-61208-341-4

Location: Venice, Italy

Dates: from May 25, 2014 to May 29, 2014