TY - GEN
T1 - Piston
T2 - 33rd Annual Computer Security Applications Conference, ACSAC 2017
AU - Salls, Christopher
AU - Shoshitaishvili, Yan
AU - Stephens, Nick
AU - Kruegel, Christopher
AU - Vigna, Giovanni
N1 - Copyright:
Copyright 2018 Elsevier B.V., All rights reserved.
PY - 2017/12/4
Y1 - 2017/12/4
AB - While software is now being developed with more sophisticated tools, its complexity has increased considerably, and, as a consequence, new vulnerabilities are discovered every day. To address the constant flow of vulnerabilities being identified, patches are frequently being pushed to consumers. Patches, however, often involve having to shut down services in order to be applied, which can result in expensive downtime. To solve this problem, various hot-patching systems have been devised to patch systems without the need for restarting. These systems often require either the cooperation of the system or the process they are patching. This still leaves out a considerable number of systems, most notably embedded devices, which remain unable to be hot-patched. We present Piston, a generic system for the remote hot-patching of uninterruptible software that operates without the system's cooperation. Piston achieves this by using an exploit to take control of the remote process and modify its code on-the-fly. Piston works directly on binary code and is capable of automatically counteracting the destructive effects on memory that might be the result of the exploitation.
UR - http://www.scopus.com/inward/record.url?scp=85038914195&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85038914195&partnerID=8YFLogxK
U2 - 10.1145/3134600.3134611
DO - 10.1145/3134600.3134611
M3 - Conference contribution
AN - SCOPUS:85038914195
T3 - ACM International Conference Proceeding Series
SP - 141
EP - 153
BT - Proceedings - 33rd Annual Computer Security Applications Conference, ACSAC 2017
PB - Association for Computing Machinery
Y2 - 4 December 2017 through 8 December 2017
ER -