Visible to the public Biblio

Filters: Author is Clark, Shane  [Clear All Filters]
2019-03-04
Benyo, Brett, Clark, Shane, Paulos, Aaron, Pal, Partha.  2018.  HYDRA: Hypothesis Driven Repair Automation. Proceedings of the 13th International Conference on Availability, Reliability and Security. :8:1–8:10.
HYDRA is an automated mechanism to repair code in response to successful attacks. Given a set of malicious inputs that include the attack and a set of benign inputs that do not, along with an ability to test the victim application with these labelled inputs, HYDRA quickly provides rank ordered patches to close the exploited vulnerability. HYDRA also produces human-readable summaries of its findings and repair actions to aid the manual vulnerability mitigation process. We tested HYDRA using 8 zero-days, HYDRA produced patches that stopped the attacks in all 8 cases and preserved application functionality in 7 of the 8 cases.