Title :
Symbol diversification of linux binaries
Author :
Lauren, Samuel ; Maki, Petteri ; Rauti, Sampsa ; Hosseinzadeh, Shohreh ; Hyrynsalmi, Sami ; Leppanen, Ville
Author_Institution :
Dept. of Inf. Technol., Univ. of Turku, Turku, Finland
Abstract :
In this paper, we advocate large-scale diversification as a method to protect operating systems and render malicious programs ineffective. The idea is to diversify all the indirect library entry points to the system calls on a specific computer. As a result, it becomes very difficult for a piece of malware to access resources. The diversification of indirect system call entry points in operating system libraries is unique for each computer. Therefore, a piece of malware no longer works on several computers and becomes incompatible with their environment. We also present a concrete diversification tool and results on successful diversification. We conclude that despite some challenges, our tool can successfully diversify symbols in binaries and associated libraries in order to protect the system from attacks.
Keywords :
Linux; computer crime; data protection; invasive software; software libraries; Linux binaries; concrete diversification tool; indirect system call entry points diversification; large-scale diversification; library entry points; malicious programs; malware; operating system libraries; operating systems protection; symbol diversification; system attack protection; Automation; Geophysical measurement techniques; Ground penetrating radar; Lead; Libraries; Rendering (computer graphics);
Conference_Titel :
Internet Security (WorldCIS), 2014 World Congress on
Conference_Location :
London
DOI :
10.1109/WorldCIS.2014.7028170
