Title :
Stack layout transformation: Towards diversity for securing binary programs
Author_Institution :
Dept. of Comput. Sci., Univ. of Virginia, Charlottesville, VA, USA
Abstract :
Despite protracted efforts by both researchers and practitioners, security vulnerabilities remain in modern software. Artificial diversity is an effective defense against many types of attack, and one form, address-space randomization, has been widely applied. Present artificial diversity implementations are either coarse-grained or require source code. Because of the widespread use of software of unknown provenance, e.g., libraries, where no source code is provided or available, building diversity into the source code is not always possible. I investigate an approach to stack layout transformation that operates on x86 binary programs, which would allow users to obfuscate vulnerabilities and increase their confidence in the software´s dependability. The proposed approach is speculative: the stack frame layout for a function is inferred from the binary and assessed by executing the transformed program. Upon assessment failure, the inferred layout is refined in hopes to better reflect the actual function layout.
Keywords :
security of data; software reliability; address-space randomization; artificial diversity; binary program security diversity; failure assessment; function layout; security vulnerabilities; software dependability; source code; stack layout transformation; x86 binary programs; Benchmark testing; Layout; Measurement; Security; Software; Transforms; address randomization; artificial diversity; binary programs; security; stack frame layout;
Conference_Titel :
Software Engineering (ICSE), 2012 34th International Conference on
Conference_Location :
Zurich
Print_ISBN :
978-1-4673-1066-6
Electronic_ISBN :
0270-5257
DOI :
10.1109/ICSE.2012.6227041
