Large-Scale Automated Software Diversity - Program Evolution Redux
Authors
Abstract
The software monoculture favors attackers over defenders, since it makes all target environments appear similar. Code-reuse attacks, for example, rely on target hosts running identical software. Attackers use this assumption to their advantage by automating parts of creating an attack. This article presents large-scale automated software diversification as a means to shore up this vulnerability implied by our software monoculture. Besides describing an industrial-strength implementation of automated software diversity, we introduce methods to objectively measure the effectiveness of diversity in general, and its potential to eliminate code-reuse attacks in particular.
Similar resources
Combining Reductions and Computations in ReDuX
ReDuX [1, 4] is a term rewriting laboratory mainly aimed at theorem proving and completion procedures. ReDuX comprises several variants of Knuth-Bendix completion including a version supporting associative commutative operators and an inductive completion procedure. Several term orderings are available as well as a random term generator and a program to automatically analyze the set of irreduci...
A Regression Proof Selection Tool For Coq
Large-scale software verification projects increasingly rely on proof assistants, such as Coq, to construct formal proofs of program correctness. However, such proofs must be checked after every change to a project to ensure expected program behavior. This process of regression proving can require substantial machine time, which is detrimental to productivity and trust in evolving projects. We ...
Open Source Software Evolution and Its Dynamics
This thesis undertakes an empirical study of software evolution by analyzing open source software (OSS) systems. The main purpose is to aid in understanding OSS evolution. The work centers on collecting large quantities of structural data cost-effectively and analyzing such data to understand software evolution dynamics (the mechanisms and causes of change and growth). We propose a multipurpose...
Common Envelope Evolution Redux
Common envelopes form in dynamical time scale mass exchange, when the envelope of a donor star engulfs a much denser companion, and the core of the donor plus the dense companion star spiral inward through this dissipative envelope. As conceived by Paczynski and Ostriker, this process must be responsible for the creation of short-period binaries with degenerate components, and, indeed, it has p...
Formal Specifications And Command Modeling In Software Systems With A Complex Command Structure
Commands are an important part of large scale industrial software specifications, especially where the specification is separated from its implementation as in open software standards. Commands can be complex because of large numbers of parameters, dependencies among parameters, subtle side effects, and lack of abstraction. We present a formal approach for command modeling and apply it to IBM's...
Journal title:
- IEEE Trans. Dependable Sec. Comput.
Volume 14, Issue
Pages -
Publication date 2017