Artificial diversification of a software program can be a versatile tool in a wide range of software engineering and security scenarios. For example, randomizing implementation aspects can increase the costs for attackers as it prevents them from benefiting of precise knowledge of their target. A promising angle for diversification can be having two runs of a program on the same input yield inherently diverse instruction traces. Inspired by on-stack replacement designs for managed runtimes, in this paper we study how to transform a C program to realize continuous transfers of control and program state among function variants as they run. We discuss the technical challenges toward such goal and propose effective compiler techniques for it that enable the re-use of existing techniques for static diversification with no modifications. We implement our approach in LLVM and evaluate it on both synthetic and real-world subjects.

Principled Composition of Function Variants for Dynamic Software Diversity and Program Protection / Priamo, Giacomo; D'Elia, Daniele Cono; Querzoni, Leonardo. - (2022), pp. 1-5. (Intervento presentato al convegno International Conference on Automated Software Engineering tenutosi a Oakland Center (OC), MI, USA.) [10.1145/3551349.3559553].

Principled Composition of Function Variants for Dynamic Software Diversity and Program Protection

Priamo, Giacomo;D'Elia, Daniele Cono
;
Querzoni, Leonardo
2022

Abstract

Artificial diversification of a software program can be a versatile tool in a wide range of software engineering and security scenarios. For example, randomizing implementation aspects can increase the costs for attackers as it prevents them from benefiting of precise knowledge of their target. A promising angle for diversification can be having two runs of a program on the same input yield inherently diverse instruction traces. Inspired by on-stack replacement designs for managed runtimes, in this paper we study how to transform a C program to realize continuous transfers of control and program state among function variants as they run. We discuss the technical challenges toward such goal and propose effective compiler techniques for it that enable the re-use of existing techniques for static diversification with no modifications. We implement our approach in LLVM and evaluate it on both synthetic and real-world subjects.
2022
International Conference on Automated Software Engineering
software diversity; program protection; computer security
04 Pubblicazione in atti di convegno::04b Atto di convegno in volume
Principled Composition of Function Variants for Dynamic Software Diversity and Program Protection / Priamo, Giacomo; D'Elia, Daniele Cono; Querzoni, Leonardo. - (2022), pp. 1-5. (Intervento presentato al convegno International Conference on Automated Software Engineering tenutosi a Oakland Center (OC), MI, USA.) [10.1145/3551349.3559553].
File allegati a questo prodotto
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11573/1665969
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? 0
social impact