Presentation is loading. Please wait.

Presentation is loading. Please wait.

SoK: Automated Software Diversity

Published byLinette Miles Modified over 6 years ago

Similar presentations

Presentation on theme: "SoK: Automated Software Diversity"— Presentation transcript:

1 SoK: Automated Software Diversity
Per Larsen, Andrei Homescu, Stefan Brunthaler, Michael Franz University of California, Irvine

2 Abstract “...systematically study the state-of-the-art in software diversity and highlight fundamental trade-offs between fully automated approaches. We also point to open areas and unresolved challenges. These include “hybrid solutions”, error reporting, patching, and implementation disclosure attacks on diversified software.”

3 Taxonomy of Attacks Information Leaks Side Channel Attacks
Memory Corruption Attacks Code Injection Code Reuse Just-In-Time Attacks Program Tampering Reverse Engineering

4 Taxonomy of Defenses Enforcement-based Defenses
Program Integrity Monitors Diversity-based Defenses Program Obfuscation

5 What To Diversify Instruction Level Basic Block Level Loop Level
Function Level Program Level System Level

6

7 When To Diversify Implementation Compilation and Linking Installation
Loading Execution Updating

8 Security Impact Entropy – Higher Entropy means less chance of brute force attack being successful Attack specific code analysis Logical Arguments Testing against concrete attacks

9 Performance Impact

10 Unresolved Problems Hybrid Approaches Error Reports and Patches
Implementation Disclosure Measuring Efficacy Diversity as a Counter to Side Channel Attacks

11 Conclusion Pre-distribution approaches are easy to implement, support the widest range of transformations, and can defense against client-side attacks Post-distribution support legacy and proprietary software, amortize diversification costs, and require no changes to current distribution mechanisms.

Download ppt "SoK: Automated Software Diversity"

Similar presentations

1 The Project of this year Mariano Ceccato FBK - Fondazione Bruno Kessler

1 The Project of this year Mariano Ceccato FBK - Fondazione Bruno Kessler
Using Instruction Block Signatures to Counter Code Injection Attacks Milena Milenković, Aleksandar Milenković, Emil Jovanov The University of Alabama in.

Using Instruction Block Signatures to Counter Code Injection Attacks Milena Milenković, Aleksandar Milenković, Emil Jovanov The University of Alabama in.
Anti-Cheating Mechanisms for Computer Games Michael Rudolph Jason Cook.

Anti-Cheating Mechanisms for Computer Games Michael Rudolph Jason Cook.
Jeff Bilger - CSE P 590TU - Winter 2006 The Role of Cryptography in Combating Software Piracy.

Jeff Bilger - CSE P 590TU - Winter 2006 The Role of Cryptography in Combating Software Piracy.
Tamper-Tolerant Software: Modeling and Implementation International Workshop on Security (IWSEC 2009) October 28-30, 2009 – Toyama, Japan Mariusz H. Jakubowski.

Tamper-Tolerant Software: Modeling and Implementation International Workshop on Security (IWSEC 2009) October 28-30, 2009 – Toyama, Japan Mariusz H. Jakubowski.
Moving Target Defense in Cyber Security

Moving Target Defense in Cyber Security
New Direction for Software Protection in Embedded Systems Department of EECS University of Michigan Feb 22, 2007 Kang G. Shin.

New Direction for Software Protection in Embedded Systems Department of EECS University of Michigan Feb 22, 2007 Kang G. Shin.
Memory Attacks and Protection through Software Diversity

Memory Attacks and Protection through Software Diversity
Secure web browsers, malicious hardware, and hardware support for binary translation Sam King.

Secure web browsers, malicious hardware, and hardware support for binary translation Sam King.
MotoHawk Training Model-Based Design of Embedded Systems.

MotoHawk Training Model-Based Design of Embedded Systems.
Barracuda Web Application Firewall

Barracuda Web Application Firewall
Chapter 1 – Introduction

Chapter 1 – Introduction
Software Evolution Managing the processes of software system change

Software Evolution Managing the processes of software system change
An Integrated Framework for Dependable Revivable Architectures Using Multi-core Processors Weiding Shi, Hsien-Hsin S. Lee, Laura Falk, and Mrinmoy Ghosh.

An Integrated Framework for Dependable Revivable Architectures Using Multi-core Processors Weiding Shi, Hsien-Hsin S. Lee, Laura Falk, and Mrinmoy Ghosh.
Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,

Cryptography and Network Security Chapter 1. Chapter 1 – Introduction The art of war teaches us to rely not on the likelihood of the enemy's not coming,
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 1 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits Sandeep Bhatkar, Daniel C. DuVarney, and R. Sekar Stony Brook.

Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits Sandeep Bhatkar, Daniel C. DuVarney, and R. Sekar Stony Brook.
1 Cryptography and Network Security Fourth Edition by William Stallings Lecture slides by Lawrie Brown Changed by: Somesh Jha [Lecture 1]

1 Cryptography and Network Security Fourth Edition by William Stallings Lecture slides by Lawrie Brown Changed by: Somesh Jha [Lecture 1]
Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Overview & Chapter 1 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Similar presentations

Ads by Google