Piston: Uncooperative remote runtime patching

Christopher Salls, Yan Shoshitaishvili, Nick Stephens, Christopher Kruegel, Giovanni Vigna

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Scopus citations

Abstract

While software is now being developed with more sophisticated tools, its complexity has increased considerably, and, as a consequence new vulnerabilities are discovered every day. To address the constant flow of vulnerabilities being identified, patches are frequently being pushed to consumers. Patches, however, often involve having to shutdown services in order to be applied, which can result in expensive downtime. To solve this problem, various hot-patching systems have been devised to patch systems without the need for restarting. These systems often require either the cooperation of the system or the process they are patching. This still leaves out a considerable amount of systems, most notably embedded devices, which remain unable to be hot-patched. We present Piston, a generic system for the remote hot-patching of uninterruptible software that operates without the system's cooperation. Piston achieves this by using an exploit to take control of the remote process and modify its code on-The-fly. Piston works directly on binary code and is capable of automatically counter-Acting the destructive effects on memory that might be the result of the exploitation.

Original languageEnglish (US)
Title of host publicationProceedings - 33rd Annual Computer Security Applications Conference, ACSAC 2017
PublisherAssociation for Computing Machinery
Pages141-153
Number of pages13
ISBN (Electronic)9781450353458
DOIs
StatePublished - Dec 4 2017
Event33rd Annual Computer Security Applications Conference, ACSAC 2017 - Orlando, United States
Duration: Dec 4 2017Dec 8 2017

Publication series

NameACM International Conference Proceeding Series
VolumePart F132521

Other

Other33rd Annual Computer Security Applications Conference, ACSAC 2017
CountryUnited States
CityOrlando
Period12/4/1712/8/17

ASJC Scopus subject areas

  • Software
  • Human-Computer Interaction
  • Computer Vision and Pattern Recognition
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Piston: Uncooperative remote runtime patching'. Together they form a unique fingerprint.

Cite this