110 likes | 209 Views
Defensive Programming: Using an Annotation Toolkit to Build DoS-Resistant Software. Xiaohu Qie, Ruoming Pang and Larry Peterson. Presenter: Vaishnavi Sannidhanam Guide: Dr. Brian Bershad. Why DoS Attacks Occur?.
E N D
Defensive Programming: Using an Annotation Toolkit to Build DoS-Resistant Software Xiaohu Qie, Ruoming Pang and Larry Peterson. Presenter: Vaishnavi Sannidhanam Guide: Dr. Brian Bershad
Why DoS Attacks Occur? • The authors claim that Intrusion Detection Systems, Performance Monitoring, Static Code Analysis and inbuilt OS Mechanisms would all fail due to the lack of -- • proper anomaly detection techniques • appropriate methods to profile resource usage • fitting ways to monitor program execution and make decisions at run time • accounting for resource usage and service isolation
Toolkit • Qie, Pang and Peterson developed a toolkit that could annotate any code to monitor and control the program execution at runtime. Because of which, we can monitor and control resource usage at a finer level and hence can detect and protect the systems from DoS attacks.
API • The Toolkit’s API needs programmer’s motivation to include the macros into the program. • The API provides • Sensor and Actuator macros to detect and counter busy attacks • Progress and Pressure macros to detect and counter claim and hold attacks
Advantages • Offers fine grained intra process protection • Easy to use • Macros can be introduced systematically • Not much code to be added on part of the programmer
Disadvantages • Unnecessary overhead on the CPU. • Biased against low bandwidth users. • Estimating a good defensive policy is hard. • Resource usage identification in a program is non trivial.
Would Anyone Use This Toolkit? • The toolkit lays ground and throws light on how to protect systems and services from DoS attacks. • IRSA, CAS, WIPES all could be subjected to DoS attacks.
DoS on IRSA User 1 2:00 PM – 3:00 PM User 2 3:00 PM – 3:30 PM User Hacker Error Server
Toolkit on IRSA • We know what time slots are free and what time slots are allocated • PROGRESS_SENSOR (resid, p, prog) and TIME_SENSOR (max_time) macros can be used • If the program is spending all the time on a function that rejects admission with no other progress then there is a DoS attack.
Automation • Though it solves a smaller problem of providing an API that could monitor and control resource usage, this solution to the smaller problem would however inspire us to look into the bigger problem of how we could automate the process of introducing the macros provided by the toolkit into existing systems. • The process of automation needs to happen for • Disjoint Services & • Nested Services
Questions To Ask • Can we do automation? • If so • How? • Naïve Method: • List out what services are being provided by the system, map them to the resources they use, write a function that does a basic search-replace of read, write, connect, bind, close…with the specific macro and the function. • And an interface can be designed that helps the programmer/administrator set the various parameters passed to the macros. • Can it be generalized? • And with how much effort?