International audienceThe predictability of program execution provides attackers a rich source of knowledge who can exploit it to spy or remotely control the program. Moving target defense addresses this issue by constantly switching between many diverse variants of a program, which reduces the certainty that an attacker can have about the program execution. The effectiveness of this approach relies on the availability of a large number of software variants that exhibit different executions. However, current approaches rely on the natural diversity provided by off-the-shelf components, which is very limited. In this paper, we explore the automatic synthesis of large sets of program variants, called sosies. Sosies provide the same expected f...
Reverse engineering is usually the stepping stone of a variety of attacks aiming at identifying sens...
Signature-based similarity metrics are the primary mech-anism to detect malware on current systems. ...
International audienceWe present a generic framework for runtime code polymorphism,applicable to a l...
International audienceThe predictability of program execution provides attackers a rich source of kn...
The predictability of program execution provides attackers a rich source of knowledge who can exploi...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
11 pages, 4 figures, 8 listings, conferenceA few works address the challenge of automating software ...
Abstract—We explore software diversity as a defense against side-channel attacks by dynamically and ...
Context Software diversity, self-modification, and obfuscation have many applications in software se...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
Abstract—The software monoculture favors attackers over defenders, since it makes all target environ...
Code-reuse attacks are notoriously hard to defeat, and many current solutions to the problem focus o...
We present an architectural framework for systematically using automated diversity to provide high a...
Part 3: Attacks to Software and Network SystemsInternational audienceWe present a generic framework ...
Reverse engineering is usually the stepping stone of a variety of attacks aiming at identifying sens...
Signature-based similarity metrics are the primary mech-anism to detect malware on current systems. ...
International audienceWe present a generic framework for runtime code polymorphism,applicable to a l...
International audienceThe predictability of program execution provides attackers a rich source of kn...
The predictability of program execution provides attackers a rich source of knowledge who can exploi...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
11 pages, 4 figures, 8 listings, conferenceA few works address the challenge of automating software ...
Abstract—We explore software diversity as a defense against side-channel attacks by dynamically and ...
Context Software diversity, self-modification, and obfuscation have many applications in software se...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
Abstract—The software monoculture favors attackers over defenders, since it makes all target environ...
Code-reuse attacks are notoriously hard to defeat, and many current solutions to the problem focus o...
We present an architectural framework for systematically using automated diversity to provide high a...
Part 3: Attacks to Software and Network SystemsInternational audienceWe present a generic framework ...
Reverse engineering is usually the stepping stone of a variety of attacks aiming at identifying sens...
Signature-based similarity metrics are the primary mech-anism to detect malware on current systems. ...
International audienceWe present a generic framework for runtime code polymorphism,applicable to a l...