A new approach for managing bugs in computer software has been developed by a team led by Prof. George Candea at EPFL. The latest version of Dimmunix, available for free download, enables entire networks of computers to cooperate in order to collectively avoid the manifestations of bugs in software.

A new IT tool, developed by the Dependable Systems Lab at EPFL in Switzerland, called "Dimmunix," enables programs to avoid future recurrences of bugs without any assistance from users or programmers. The approach, termed "failure immunity," starts working the first time a bug occurs -- it saves a signature of the bug, then observes how the computer reacts, and records a trace. When the bug is about to manifest again, Dimmunix uses these traces to rec-ognize the bug and automatically alters the execution so the program continues to run smooth-ly. With Dimmunix, your Web browser learns how to avoid freezing a second time when bugs associated with, for example, plug-ins occur. Going a step further, the latest version uses cloud computing technology to take advantage of networks and thereby inoculating entire communities of computers.

by Larry Hardesty

 
A new MIT programming tool would automatically plug holes that hackers exploit.
 

More and more, malicious hackers are exploiting web site security holes to attack their victims' computers. Programmers try to identify those holes in advance and plug them with code that performs security checks; but if they find a hundred holes and miss one, their programs are still insecure. At next week's ACM Symposium on Operating Systems Principles, however, MIT researchers will present a new system called Resin, which automatically calls up security checks whenever they're required, even in unforeseen circumstances.

by Eric Frazier

Computer security mimics nature

In the never-ending battle to protect computer networks from intruders, security experts are deploying a new defense modeled after one of nature’s hardiest creatures — the ant.

Unlike traditional security devices, which are static, these “digital ants” wander through computer networks looking for threats, such as “computer worms” — self-replicating programs designed to steal information or facilitate unauthorized use of machines. When a digital ant detects a threat, it doesn’t take long for an army of ants to converge at that location, drawing the attention of human operators who step in to investigate.

Computer scientists demonstrated that criminals could hack an electronic voting machine and steal votes using a malicious programming approach that had not been invented when the voting machine was designed. The team of scientists from University of California, San Diego, the University of Michigan, and Princeton University employed “return-oriented programming” to force a Sequoia AVC Advantage electronic voting machine to turn against itself and steal votes.

 “Voting machines must remain secure throughout their entire service lifetime, and this study demonstrates how a relatively new programming technique can be used to take control of a voting machine that was designed to resist takeover, but that did not anticipate this new kind of malicious programming,” said Hovav Shacham, a professor of computer science at UC San Diego’s Jacobs School of Engineering and an author on the new study presented on August 10, 2009 at the 2009 Electronic Voting Technology Workshop / Workshop on Trustworthy Elections (EVT/WOTE 2009), the premier academic forum for voting security research.

We have 61 guests and no members online

This news service is provided by Good Samaritan Institute, located in Santa Rosa Beach, Florida.

WE PUBLISH PEER_REVIEWED SCIENCE
GSI is a non-profit dedicated to the advancement of medical research by improving communication among scientists.