Abstract | ||
---|---|---|
The software monoculture favors attackers over defenders, since it makes all target environments appear similar. Code-reuse attacks, for example, rely on target hosts running identical software. Attackers use this assumption to their advantage by automating parts of creating an attack. This article presents large-scale automated software diversification as a means to shore up this vulnerability implied by our software monoculture. Besides describing an industrial-strength implementation of automated software diversity, we introduce methods to objectively measure the effectiveness of diversity in general, and its potential to eliminate code-reuse attacks in particular. |
Year | DOI | Venue |
---|---|---|
2017 | 10.1109/TDSC.2015.2433252 | IEEE Trans. Dependable Sec. Comput. |
Keywords | Field | DocType |
Biologically-inspired defenses,artificial software diversity,code reuse attacks,jump-oriented programming,return-oriented programming | Software design,Computer science,Computer security,Extreme programming practices,Software system,Real-time computing,Software,Component-based software engineering,Software construction,Software framework,Software development | Journal |
Volume | Issue | ISSN |
PP | 99 | 1545-5971 |
Citations | PageRank | References |
7 | 0.51 | 36 |
Authors | ||
4 |
Name | Order | Citations | PageRank |
---|---|---|---|
Homescu, A. | 1 | 7 | 0.85 |
Jackson, T. | 2 | 7 | 0.51 |
Stephen Crane | 3 | 269 | 13.24 |
Brunthaler, S. | 4 | 36 | 1.55 |