Title :
Attack Mitigation through Diversity
Author :
Kanter, Morgon ; Taylor, Stephen
Author_Institution :
Thayer Sch. of Eng., Dartmouth Coll., Hanover, NH, USA
Abstract :
Cloud computing has become popular in recent years due to the cost and resource savings associated with virtual machines that use shared resources. Unfortunately, this mode of operation serves as a vulnerability amplifier because each computer executes multiple copies of the same operating code base carrying the same vulnerabilities. This paper explores compiler- and linker-based approaches to increase attacker workload by generating diversity in the binary code associated with a single source. This is achieved by injecting randomness into the binary image. Entropy is used as a metric of diversity, and we explore the relationship between three components of this measure: padding entropy within a logical block, ordering entropy over a program, and joint entropy associated with function layout. Collectively these components can be combined in an analytical expression that provides an upper bound on the number of variants that can be generated from a single source code. This general approach serves as a basis for combining additional transformations. These transformations can then be applied to diversify operating systems and military cloud applications, such as Apache Accumulo.
Keywords :
cloud computing; computer network security; entropy; program compilers; attack mitigation; binary code; binary image; cloud computing; entropy metric; logical block; ordering entropy; resource saving; source code; vulnerability amplifier; Benchmark testing; Diversity reception; Entropy; Kernel; Layout; Programming; Virtual machine monitors; computer security; information security;
Conference_Title :
Military Communications Conference, MILCOM 2013 - 2013 IEEE
Conference_Location :
San Diego, CA
DOI :
10.1109/MILCOM.2013.239