ML p(r)ior | DoubleTake: Fast and Precise Error Detection via Evidence-Based Dynamic Analysis

DoubleTake: Fast and Precise Error Detection via Evidence-Based Dynamic Analysis

2016-01-29
This paper presents evidence-based dynamic analysis, an approach that enables lightweight analyses--under 5% overhead for these bugs--making it practical for the first time to perform these analyses in deployed settings. The key insight of evidence-based dynamic analysis is that for a class of errors, it is possible to ensure that evidence that they happened at some point in the past remains for later detection. Evidence-based dynamic analysis allows execution to proceed at nearly full speed until the end of an epoch (e.g., a heavyweight system call). It then examines program state to check for evidence that an error occurred at some time during that epoch. If so, it rolls back execution and re-executes the code with instrumentation activated to pinpoint the error. We present DoubleTake, a prototype evidence-based dynamic analysis framework. DoubleTake is practical and easy to deploy, requiring neither custom hardware, compiler, nor operating system support. We demonstrate DoubleTake's generality and efficiency by building dynamic analyses that find buffer overflows, memory use-after-free errors, and memory leaks. Our evaluation shows that DoubleTake is efficient, imposing just 4% overhead on average, making it the fastest such system to date. It is also precise: DoubleTake pinpoints the location of these errors to the exact line and memory addresses where they occur, providing valuable debugging information to programmers.
PDF

Highlights - Most important sentences from the article

Login to like/save this paper, take notes and configure your recommendations

Related Articles

2017-06-30

One of the major open challenges in self-driving cars is the ability to detect cars and pedestrians … show more
PDF

Highlights - Most important sentences from the article

2019-05-22

Out-of-order execution and speculative execution are among the biggest contributors to performance a… show more
PDF

Highlights - Most important sentences from the article

2018-12-04

DIFT (Dynamic Information Flow Tracking) has been a hot topic for more than a decade. Unfortunately,… show more
PDF

Highlights - Most important sentences from the article

2019-02-22

Data-oriented attacks manipulate non-control data to alter a program's benign behavior without viola… show more
PDF

Highlights - Most important sentences from the article

2019-02-13

Programs written in C/C++ can suffer from serious memory fragmentation, leading to low utilization o… show more
PDF

Highlights - Most important sentences from the article

2019-03-11

The deployment of large-scale distributed systems, e.g., publish-subscribe platforms, that operate o… show more
PDF

Highlights - Most important sentences from the article

2019-02-13

Monitoring kernel object modification of virtual machine is widely used by virtual-machine-introspec… show more
PDF

Highlights - Most important sentences from the article

2019-01-27

Computing-in-Memory (CiM) architectures aim to reduce costly data transfers by performing arithmetic… show more
PDF

Highlights - Most important sentences from the article

2019-05-06

Static analyses aspire to explore all possible executions in order to achieve soundness. Yet, in pra… show more
PDF

Highlights - Most important sentences from the article

2018-07-02

Transient gradual typing imposes run-time type tests that typically cause a linear slowdown in progr… show more
PDF

Highlights - Most important sentences from the article

2019-02-18

Modern software systems heavily use C/C++ based libraries. Because of the weak memory model of C/C++… show more
PDF

Highlights - Most important sentences from the article

2018-09-28

Despite huge software engineering efforts and programming language support, resource and memory leak… show more
PDF

Highlights - Most important sentences from the article

2018-12-11

Exploitation of heap vulnerabilities has been on the rise, leading to many devastating attacks. Conv… show more
PDF

Highlights - Most important sentences from the article

2018-12-04

Most of hardware-assisted solutions for software security, program monitoring, and event-checking ap… show more
PDF

Highlights - Most important sentences from the article

2019-04-29

This paper presents the Userspace Integrity Measurement Toolkit (USIM Toolkit), a set of integrity m… show more
PDF

Highlights - Most important sentences from the article