The use of unsafe programming languages remains one of the major root causes of software vulnerabilities. Although well-known defenses that detect and mitigate memory-safety-related issues exist, they do not address the challenge of software resilience, i.e., whether a system under attack can continue to carry out its function when subjected to malicious input. We propose secure rollback of isolated domains as an efficient and secure method of improving the resilience of software targeted by run-time attacks. We show the practicability of our methodology by realizing a software library for Secure Domain Rollback (SDRoB) and demonstrate how SDRoB can be applied to real-world software.