A set of replicas is diverse to the extent that all implement the same functionality but differ in their implementation details. Diverse replicas are less prone to having vulnerabilities in common, because attacks typically depend on memory layout and/or instruction-sequence specifics. Recent work advocates using mechanical means, such as program rewriting, to create such diversity. A correspondence between the specific transformations being employed and the attacks they defend against is often provided, but little has been said about the overall effectiveness of diversity per se in defending against attacks. With this broader goal in mind, we here give a precise characterization of attacks, applicable to viewing diversity as a defense, an...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
We initiate the study of extractability obfuscation (a.k.a. differing-inputs obfuscation), a notion ...
A set of replicas is diverse to the extent that all implement the same functionality but differ in t...
Context Software diversity, self-modification, and obfuscation have many applications in software se...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
We present an architectural framework for systematically using automated diversity to provide high a...
Software systems often share common vulnerabilities that allow a single attack to compromise large n...
Abstract—We explore software diversity as a defense against side-channel attacks by dynamically and ...
Code-reuse attacks are notoriously hard to defeat, and many current solutions to the problem focus o...
Diversity is an important source of robustness in biological systems. Computers, by contrast, are no...
Software systems often share common vulnerabilities that allow a single attack to compromise large n...
Abstract—The software monoculture favors attackers over defenders, since it makes all target environ...
The predictability of program execution provides attackers a rich source of knowledge who can exploi...
International audienceThe predictability of program execution provides attackers a rich source of kn...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
We initiate the study of extractability obfuscation (a.k.a. differing-inputs obfuscation), a notion ...
A set of replicas is diverse to the extent that all implement the same functionality but differ in t...
Context Software diversity, self-modification, and obfuscation have many applications in software se...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
We present an architectural framework for systematically using automated diversity to provide high a...
Software systems often share common vulnerabilities that allow a single attack to compromise large n...
Abstract—We explore software diversity as a defense against side-channel attacks by dynamically and ...
Code-reuse attacks are notoriously hard to defeat, and many current solutions to the problem focus o...
Diversity is an important source of robustness in biological systems. Computers, by contrast, are no...
Software systems often share common vulnerabilities that allow a single attack to compromise large n...
Abstract—The software monoculture favors attackers over defenders, since it makes all target environ...
The predictability of program execution provides attackers a rich source of knowledge who can exploi...
International audienceThe predictability of program execution provides attackers a rich source of kn...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
We initiate the study of extractability obfuscation (a.k.a. differing-inputs obfuscation), a notion ...