Diversified Remote Code Execution Using Dynamic Obfuscation of Conditional Branches

Information leakage via timing side-channel attacksis one of the main threats that target code executing on remoteplatforms such as the cloud computing environment. Theseattacks can be further leveraged to reverse-engineer or eventamper with the running code. In this paper, we propose asecurity obfuscation technique, which helps making the generatedcode more resistant to these attacks, by means of increasinglogical complexity to hinder the formulation of a solid hypothesisabout code behavior. More importantly, this software solutionis portable, generic and does not require special setup orhardware or software modifications. In particular, we considermangling the control-flow inside a program via converting arandom set of conditional branches into linear code, using ifconversiontransformation. Moreover, our method exploits thedynamic compilation technology to continually and randomlyalter the branches. All of this mangling should diversify codeexecution, hence it becomes difficult for an attacker to infertiming correlations through statistical analysis. We extend theLLVM JIT compiler to provide for an initial investigation of thisapproach. This makes our system applicable to a wide varietyof programming languages and hardware platforms. We havestudied the system using a simple test program and selectedbenchmarks from the standard SPEC CPU 2006 suite withdifferent input loads and experimental setups. Initial results showsignificant changes in program´s control-flow and hence datadependences, resulting in noticeable different execution timeseven for the same input data, thereby complicating such attacks.More notably, the performance penalty is within reasonablemargins.