CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

Toward Self-healing Software

Dr. Angelos D. Keromytis - Columbia

Oct 19, 2005

Size: 204.1MB

Download: Video Icon MP4 Video  
Watch in your Browser   Watch on Youtube Watch on YouTube


As systems grow in size and complexity, our ability to protect them through manual intervention or static defenses degrades. We believe
that, in addition to proper design principles and proactive mechanisms,
automated reactive approaches must be employed to close the gap in
the attacker vs. defender capabilities. Toward this goal, we have
been examining the possibility of software systems that self-diagnose
and repair themselves in the presence of previously unknown attacks
and failures, with minimal or no human intervention.

In this talk, I will discuss our research in self-healing software
systems. I will introduce the concepts of "micro-speculation" and
"error virtualization", which can be combined to provide a generic
mechanism for dealing with low-level software failures and vulnerabilities. I will describe the use of these techniques in
two system prototypes of self-healing software that address such vulnerabilities: the Worm Vaccine architecture and STEM (Selective
Transactional EMulation). I will close the talk with a discussion
of our preliminary work toward software Application Communities,
groups of identical instances of an application that cooperate
to improve their collective security.

About the Speaker

Angelos Keromytis is an Assistant Professor of Computer Science at
Columbia University. He received his MS and PhD from the
University of Pennsylvania, and his BS (all in Computer
Science) from the University of Crete, in Greece. His research
interests include network and system survivability, authorization and
access control, and large-scale systems security. In a previous life,
he had enough time to contribute code to the OpenBSD project. His
increasingly outdated home page can be found at

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52, West Lafayette Campus. More information...


The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.