Memory error exploits rank among the most serious security threats. Of the plethora of memory error containment solutions proposed over the years, most have proven to be too weak in practice. Multi-Variant eXecution (MVX) solutions can potentially detect arbitrary memory error exploits via divergent behavior observed in diversified program variants running in parallel. However, none have found practical applicability in security due to their non-trivial performance limitations. In this paper, we present MvArmor, an MVX system that uses hardware-assisted process virtualization to monitor variants for divergent behavior in an efficient yet secure way. To provide comprehensive protection against memory error exploits, MvArmor relies on a new M...
Virtualization has become an indispensable technique for scaling up the analysis of malicious code, ...
Software updates are an integral part of the software development and maintenance process, but unfor...
Over the past decades, the major objectives of computer design have been to improve performance and ...
Abstract—The number and complexity of attacks on computer systems are increasing. This growth necess...
Multi-Variant Execution Environments (MVEEs) are a powerful tool for protecting legacy software agai...
N-Variant Execution (NVX) systems utilize artificial diversity techniques to enhance software securi...
Kernel information leak vulnerabilities are a major security threat to production systems. Attackers...
Memory corruption vulnerabilities remain a grave threat to systems software written in C/C++. Curren...
Computers today are ubiquitous and closely integrated into our everyday lives. But computers are fic...
Multi-variant program execution is an application of n-version programming, in which several slightl...
We present an architectural framework for systematically using automated diversity to provide high a...
The business world is exhibiting a growing dependency on computer systems, their operations and th...
International audienceEven if a software is proven sound and secure, an attacker can still insert vu...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
In this paper, we present Disjoint Code Layouts (DCL), a technique that complements Multi-Variant Ex...
Virtualization has become an indispensable technique for scaling up the analysis of malicious code, ...
Software updates are an integral part of the software development and maintenance process, but unfor...
Over the past decades, the major objectives of computer design have been to improve performance and ...
Abstract—The number and complexity of attacks on computer systems are increasing. This growth necess...
Multi-Variant Execution Environments (MVEEs) are a powerful tool for protecting legacy software agai...
N-Variant Execution (NVX) systems utilize artificial diversity techniques to enhance software securi...
Kernel information leak vulnerabilities are a major security threat to production systems. Attackers...
Memory corruption vulnerabilities remain a grave threat to systems software written in C/C++. Curren...
Computers today are ubiquitous and closely integrated into our everyday lives. But computers are fic...
Multi-variant program execution is an application of n-version programming, in which several slightl...
We present an architectural framework for systematically using automated diversity to provide high a...
The business world is exhibiting a growing dependency on computer systems, their operations and th...
International audienceEven if a software is proven sound and secure, an attacker can still insert vu...
Exploitation of memory-corruption vulnerabilities in widely-used software has been a threat for over...
In this paper, we present Disjoint Code Layouts (DCL), a technique that complements Multi-Variant Ex...
Virtualization has become an indispensable technique for scaling up the analysis of malicious code, ...
Software updates are an integral part of the software development and maintenance process, but unfor...
Over the past decades, the major objectives of computer design have been to improve performance and ...