Prof. Angelos D. Keromytis

Software Failure Recovery via Error Virtualization

Software errors are frequently responsible for the limited availability of Internet Services, loss of data, and many security compromises. Self-healing using rescue points (RPs) is a mechanism that can be used to recover software from unforeseen errors until a more permanent remedy, like a patch or update, is available. I will discuss Error Virtualization using Rescue Points (RPs), a technique we developed for counter a large set of deterministic software failures. Our system, named REASSURE, can be applied on already running applications, while disabling and removing it is equally facile. We tested REASSURE with various applications, including the MySQL and Apache servers, and show that it allows them to successfully recover from errors, while incurring overhead between 1% and 115%. We also show that even under very adverse conditions, like their continuous bombardment with errors, REASSURE-protected applications remain operational. This talk will give the context for the development of self-healing mechanisms (including invention history and funding pathways), and discuss the technical aspects of REASSURE and related research.

About Angelos Keromytis:

Angelos Keromytis is an associate professor in the Computer Science department at Columbia University, in New York. He is also the director of the Network Security Lab. His general research interests are in systems and network security, and cryptography. His current interests revolve aroundsoftware hardening, system self-healing, network denial of service, information accountability, and privacy. In the past, he was an active participant in the IETF (Inernet Engineering Task Force), and in particular the IPsec and IPSP Working Groups. He occasionally contributed to the OpenBSD operating system: he was the primary author of the IPsec stack and the OpenBSD Cryptographic Framework (OCF), which was later ported to FreeBSD and NetBSD.Other large projects he worked on in the past include the KeyNote trust-management system and he STRONGMAN access control management system, the AEGIS secure bootstrap architecture and the SwitchWare Active Network architecture.
Find a more detailed CV here