DocumentCode
2173334
Title
Independence from obfuscation: a semantic framework for diversity
Author
Pucella, Riccardo ; Schneider, Fred B.
Author_Institution
Northeastern Univ., Boston, MA
fYear
0
fDate
0-0 0
Lastpage
241
Abstract
A set of replicas is diverse to the extent that all implement the same functionality but differ in their implementation details. Diverse replicas are less prone to having vulnerabilities in common, because attacks typically depend on memory layout and/or instruction-sequence specifics. Recent work advocates using mechanical means, such as program rewriting, to create such diversity. A correspondence between the specific transformations being employed and the attacks they defend against is often provided, but little has been said about the overall effectiveness of diversity per se in defending against attacks. With this broader goal in mind, we here give a precise characterization of attacks, applicable to viewing diversity as a defense, and also show how mechanically-generated diversity compares to a well-understood defense: strong typing
Keywords
security of data; diverse replicas; diversity semantic framework; instruction-sequence specifics; mechanically-generated diversity; memory layout; obfuscation independence; program rewriting; strong typing; Availability; Computer security; Conferences; Government; Internet; Logic; Runtime; Web server;
fLanguage
English
Publisher
ieee
Conference_Titel
Computer Security Foundations Workshop, 2006. 19th IEEE
Conference_Location
Venice
ISSN
1063-6900
Print_ISBN
0-7695-2615-2
Type
conf
DOI
10.1109/CSFW.2006.15
Filename
1648721
Link To Document