TY - GEN
T1 - Composite software diversification
AU - Wang, Shuai
AU - Wang, Pei
AU - Wu, Dinghao
N1 - Publisher Copyright: © 2017 IEEE.
PY - 2017/11/2
Y1 - 2017/11/2
N2 - Many techniques of software vulnerability exploitation rely on deep and comprehensive analysis of vulnerable program binaries. If a copy of the vulnerable software is available to attackers, they can compose their attack scripts and payloads by studying the sample copy and launch attacks on other copies of the same software in deployment. By transforming software into different forms before deployment, software diversification is considered as an effective mitigation of attacks originated from malicious binary analyses. Essentially, developing a software diversification transformation is nontrivial because it has to preserve the original functionality, provide strong enough unpredictability, and introduce negligible cost. Enlightened by research in other areas, we seek to apply different diversification transformations to the same program for a synergy effect such that the resulting hybrid transformations can have boosted diversification effects with modest cost. We name this approach the composite software diversification. Although the concept is straightforward, it becomes challenging when searching for satisfactory compositions of primitive transformations that maximize the synergy effect and make a balance between effectiveness and cost. In this work, we undertake an in-depth study and develop a reasonably well working selection strategy to find a transformation composition that performs better than any single transformation used in the composition. We believe our work can provide guidelines for practitioners who would like to improve the design of diversification tools in the future.
UR - http://www.scopus.com/inward/record.url?scp=85040576689&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85040576689&partnerID=8YFLogxK
U2 - 10.1109/ICSME.2017.61
DO - 10.1109/ICSME.2017.61
M3 - Conference contribution
AN - SCOPUS:85040576689
T3 - Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017
SP - 284
EP - 294
BT - Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017
Y2 - 19 September 2017 through 22 September 2017
ER -