William R. Mahoney
Abstract
An emerging software engineering paradigm, Aspect-Oriented Programming, can be used to facilitate moving common interests or requirements from individual software functions into a separate module. Aspect code is woven into the software on either a static (compilation) basis or dynamic (runtime) basis. Existing systems necessitate the use of syntactic sugar. which is added to programs to indicate the join points in the software where aspects could potentially be applied. Static weaving inserts code, at compilation time, into these join points, while dynamic weaving might compile in code which can be activated at runtime.
This paper describes a new approach to the implementation of dynamic aspects in C/C++. Our method uses a tool which operates using the GCC compiler suite on Linux; it is a runtime event monitoring system we call "dynamicHook". The tool tests each potential join point at run time for the required activation of advice. If advice code is necessary at the join point it is loaded on the fly from shared libraries, retained for future use, and called dynamically.
No additions or modifications to the source code need to be made other than recompiling and linking in our library. The tool is thus targeted at adding aspect oriented methodologies to existing C/C++ code. We have demonstrated the tool by obtaining open-source web servers and adding dynamic aspects dealing with security and intrusion detection.
- Almajali, S., Elrad, T.: "A Dynamic Aspect Oriented C++ Using MOP with Minimal Hook". Proceedings of the 2003 Dynamic Aspect Workshop (DAW04 2003), RIACS Technical Report 04.01, March, 2004, Lancaster, UK.Google Scholar
- Aussmann, S., Haupt, M.: "Axon -- Dynamic AOP through Runtime Inspection and Monitoring". First workshop on advancing the state-of-the-art in Runtime inspection (ASARTI'03), 2003Google Scholar
- Baratloo, Arash, Navjot Singh, Timothy Tsai: "Transparent Run-time Defense Against Stack Smashing Attacks", Proceedings of the 2000 USENIX Annual Technical Conference, San Diego, California, 2000. Google ScholarDigital Library
- Bockisch, C., Haupt, M., Mezini, M., Ostermann, K.: "Virtual Machine Support for Dynamic Join Points", Proceeding of the 3rd International Conference on Aspect-Oriented Software Development (AOSD 2004), March 2004. Lancaster, UK Google ScholarDigital Library
- Bonér, J.: "AspectWerkz -- Dynamic AOP for Java", Proceeding of the 3rd International Conference on Aspect-Oriented Software Development (AOSD 2004), March 2004, Lancaster, UKGoogle Scholar
- Buck, Bryan, Jeffrey K. Hollingsworth. "An API for Runtime Code Patching". Journal of Supercomputing Applications and High Performance Computing. (Yet to be published but available at http://www.dyninst.org/papers/apiPreprint.pdf) Google ScholarDigital Library
- Chiueh, Tzi-cker, Fu-Hau Hsu, "RAD: A Compile-Time Solution to Buffer Overflow Attacks", 21st IEEE International Conference on Distributed Computing Systems, 2001. Google ScholarDigital Library
- Cowan, Crispan, et al.: "StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks", 7th USENIX Security Symposium, San Antonio, Texas, 1998 Google ScholarDigital Library
- Cowan, Crispan, Perry Wagle, et al.: "Buffer Overflows: Attacks and Defenses for the Vulnerability of the Decade", DARPA Information Survivability Conference and Exposition, January, 2000.Google Scholar
- Douence, R. et al.: "An expressive aspect language for system applications with Arachne", Proceeding of the 4th International Conference on Aspect-Oriented Software Development (AOSD 2005), Chicago, Illinois, March 2005. Google ScholarDigital Library
- Engel, M., Freisleben, B.: "Supporting Autonomic Computing Functionality via Dynamic Operating System Kernel Aspects", Proceeding of the 4th International Conference on Aspect-Oriented Software Development (AOSD 2005), Chicago, Illinois, March 2005 Google ScholarDigital Library
- Gal, Andreas, Wolfgang Schröder-Preikschat, and Olaf Spinczyk: "AspectC++: Language Proposal and Prototype Implementation", Proceedings of the OOPSLA 2001 Workshop on Advanced Separation of Concerns in Object-Oriented Systems, Tampa, Florida, 2001.Google Scholar
- Gilani, Wasif, and Olaf Spinczyk, "Dynamic Aspect Weaver Family for Family-based Adaptable Systems", In Proceedings of the Net. ObjectDays 2005 (NODe 2005), LNCS, Erfurt, Germany, Sep 19--22, 2005.Google Scholar
- Izik, "Reverse Engineering with LD_PRELOAD", at http://www.security.nnov.ru/articles/reveng/.Google Scholar
- Kiczales, G. et al.: "Aspect-Oriented Programming", in Proceedings of ECOOP '97, Springer.Google Scholar
- Kiczales, G., E. Hilsdale, J. Hugunin, M. Kersten, J. Palm, and W. G. Griswold, "Getting Started with AspectJ," in Communications of the ACM, 44(10): 59--65, October 2001. Google ScholarDigital Library
- Kuperman, Benjamin A., Carla E. Brodley, et. al. "Detection and Prevention of Stock Buffer Overflow Attacks", CACM, November 2005, 51--56. Google ScholarDigital Library
- Larochelle, David, David Evans: "Statically Detecting Likely Buffer Overflow Vulnerabilities", Proceedings of the 10th USENIX Security Symposium, 2001. Google ScholarDigital Library
- Mahoney, Bill: "Compiler Assisted Tracking of Hacker Assaults", in Proceedings of ICIW 2006: International Conference on Information Warfare, March 2006.Google Scholar
- Popovici, A., Gross, T. and Alonso, G. "Dynamic Weaving for Aspect Oriented Programming", in AOSD 2002 Proceedings. ACM press, 2002. Google ScholarDigital Library
- Poskanzer, Jef, "thttpd -- tiny/turbo/throttling HTTP server" at http://www.acme.com/software/thttpd/.Google Scholar
- Sato, Y. et al.: A Selective, "Just-In-Time Aspect Weaver", Proceedings of GPCE'03, 2003, Erfurt, Germany. Google ScholarDigital Library
- Silva, Eduardo: Monkey HTTP Daemon, at http://monkeyd.sourceforge.net/Google Scholar
- Spinczyk, Olaf, Daniel Lohmann, and Matthias Urban, "AspectC++: an AOP Extension for C++", Software Developer's Journal, pages 68--76, 05/2005.Google Scholar
- Sommerville, Ian, "Software Engineering" 8th ed. Addison-Wesley, 2007. Google ScholarDigital Library
- U. S. L. System Unix. System V Application Binary Interface Intel 386 Architecture Processor Supplement. Prentice Hall Trade, 1994.Google Scholar
- Vanderperren, W. et al.: "Adaptive Programming in JAsCo". Proceeding of the 4th International Conference on Aspect-Oriented Software Development (AOSD 2005), Chicago, Illinois, March 2005 Google ScholarDigital Library
- Zhang, C., Jacobson, H. A.: "TinyC2: Towards building a dynamic weaving aspect language for C", Proceeding of the 2nd AOSD Workshop on Foundations of Aspect---Oriented Languages, Boston, March 2003.Google Scholar
Index Terms
- Using common off-the-shelf tools to implement dynamic aspects
Recommendations
Supporting autonomic computing functionality via dynamic operating system kernel aspects
AOSD '05: Proceedings of the 4th international conference on Aspect-oriented software developmentTo master the complexity of software systems in the presence of unexpected events potentially affecting system operation, the Autonomic Computing Initiative [16] aims to build systems that have the ability to control and organize themselves to meet ...
AspectOptima: A Case Study on Aspect Dependencies and Interactions
Transactions on Aspect-Oriented Software Development VThis paper presents AspectO<Emphasis Type="SmallCaps">ptima</Emphasis> , a language independent, aspect-oriented framework consisting of a set of ten base aspects--each one providing a well-defined reusable functionality--that can be configured to ...
Open Aspects
Open Aspects are our approach to face unplanned changes in systems that are based on aspect-oriented composition at runtime. They support explicit adaptation models, allowing developers to describe system change events to be observed, and corrective ...
Comments