Composite software diversification

Shuai Wang, Pei Wang, Dinghao Wu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

4 Citations (Scopus)

Abstract

Many techniques of software vulnerability exploitation rely on deep and comprehensive analysis of vulnerable program binaries. If a copy of the vulnerable software is available to attackers, they can compose their attack scripts and payloads by studying the sample copy and launch attacks on other copies of the same software in deployment. By transforming software into different forms before deployment, software diversification is considered as an effective mitigation of attacks originated from malicious binary analyses. Essentially, developing a software diversification transformation is nontrivial because it has to preserve the original functionality, provide strong enough unpredictability, and introduce negligible cost. Enlightened by research in other areas, we seek to apply different diversification transformations to the same program for a synergy effect such that the resulting hybrid transformations can have boosted diversification effects with modest cost. We name this approach the composite software diversification. Although the concept is straightforward, it becomes challenging when searching for satisfactory compositions of primitive transformations that maximize the synergy effect and make a balance between effectiveness and cost. In this work, we undertake an in-depth study and develop a reasonably well working selection strategy to find a transformation composition that performs better than any single transformation used in the composition. We believe our work can provide guidelines for practitioners who would like to improve the design of diversification tools in the future.

Original languageEnglish (US)
Title of host publicationProceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages284-294
Number of pages11
ISBN (Electronic)9781538609927
DOIs
StatePublished - Nov 2 2017
Event2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017 - Shanghai, China
Duration: Sep 19 2017Sep 22 2017

Publication series

NameProceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017

Other

Other2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017
CountryChina
CityShanghai
Period9/19/179/22/17

Fingerprint

Composite materials
Chemical analysis
Costs

All Science Journal Classification (ASJC) codes

  • Safety, Risk, Reliability and Quality
  • Software

Cite this

Wang, S., Wang, P., & Wu, D. (2017). Composite software diversification. In Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017 (pp. 284-294). [8094429] (Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ICSME.2017.61
Wang, Shuai ; Wang, Pei ; Wu, Dinghao. / Composite software diversification. Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017. Institute of Electrical and Electronics Engineers Inc., 2017. pp. 284-294 (Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017).
@inproceedings{25d4f30309ee4901b250e955a7dd12f9,
title = "Composite software diversification",
abstract = "Many techniques of software vulnerability exploitation rely on deep and comprehensive analysis of vulnerable program binaries. If a copy of the vulnerable software is available to attackers, they can compose their attack scripts and payloads by studying the sample copy and launch attacks on other copies of the same software in deployment. By transforming software into different forms before deployment, software diversification is considered as an effective mitigation of attacks originated from malicious binary analyses. Essentially, developing a software diversification transformation is nontrivial because it has to preserve the original functionality, provide strong enough unpredictability, and introduce negligible cost. Enlightened by research in other areas, we seek to apply different diversification transformations to the same program for a synergy effect such that the resulting hybrid transformations can have boosted diversification effects with modest cost. We name this approach the composite software diversification. Although the concept is straightforward, it becomes challenging when searching for satisfactory compositions of primitive transformations that maximize the synergy effect and make a balance between effectiveness and cost. In this work, we undertake an in-depth study and develop a reasonably well working selection strategy to find a transformation composition that performs better than any single transformation used in the composition. We believe our work can provide guidelines for practitioners who would like to improve the design of diversification tools in the future.",
author = "Shuai Wang and Pei Wang and Dinghao Wu",
year = "2017",
month = "11",
day = "2",
doi = "10.1109/ICSME.2017.61",
language = "English (US)",
series = "Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "284--294",
booktitle = "Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017",
address = "United States",

}

Wang, S, Wang, P & Wu, D 2017, Composite software diversification. in Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017., 8094429, Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017, Institute of Electrical and Electronics Engineers Inc., pp. 284-294, 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017, Shanghai, China, 9/19/17. https://doi.org/10.1109/ICSME.2017.61

Composite software diversification. / Wang, Shuai; Wang, Pei; Wu, Dinghao.

Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017. Institute of Electrical and Electronics Engineers Inc., 2017. p. 284-294 8094429 (Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Composite software diversification

AU - Wang, Shuai

AU - Wang, Pei

AU - Wu, Dinghao

PY - 2017/11/2

Y1 - 2017/11/2

N2 - Many techniques of software vulnerability exploitation rely on deep and comprehensive analysis of vulnerable program binaries. If a copy of the vulnerable software is available to attackers, they can compose their attack scripts and payloads by studying the sample copy and launch attacks on other copies of the same software in deployment. By transforming software into different forms before deployment, software diversification is considered as an effective mitigation of attacks originated from malicious binary analyses. Essentially, developing a software diversification transformation is nontrivial because it has to preserve the original functionality, provide strong enough unpredictability, and introduce negligible cost. Enlightened by research in other areas, we seek to apply different diversification transformations to the same program for a synergy effect such that the resulting hybrid transformations can have boosted diversification effects with modest cost. We name this approach the composite software diversification. Although the concept is straightforward, it becomes challenging when searching for satisfactory compositions of primitive transformations that maximize the synergy effect and make a balance between effectiveness and cost. In this work, we undertake an in-depth study and develop a reasonably well working selection strategy to find a transformation composition that performs better than any single transformation used in the composition. We believe our work can provide guidelines for practitioners who would like to improve the design of diversification tools in the future.

AB - Many techniques of software vulnerability exploitation rely on deep and comprehensive analysis of vulnerable program binaries. If a copy of the vulnerable software is available to attackers, they can compose their attack scripts and payloads by studying the sample copy and launch attacks on other copies of the same software in deployment. By transforming software into different forms before deployment, software diversification is considered as an effective mitigation of attacks originated from malicious binary analyses. Essentially, developing a software diversification transformation is nontrivial because it has to preserve the original functionality, provide strong enough unpredictability, and introduce negligible cost. Enlightened by research in other areas, we seek to apply different diversification transformations to the same program for a synergy effect such that the resulting hybrid transformations can have boosted diversification effects with modest cost. We name this approach the composite software diversification. Although the concept is straightforward, it becomes challenging when searching for satisfactory compositions of primitive transformations that maximize the synergy effect and make a balance between effectiveness and cost. In this work, we undertake an in-depth study and develop a reasonably well working selection strategy to find a transformation composition that performs better than any single transformation used in the composition. We believe our work can provide guidelines for practitioners who would like to improve the design of diversification tools in the future.

UR - http://www.scopus.com/inward/record.url?scp=85040576689&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85040576689&partnerID=8YFLogxK

U2 - 10.1109/ICSME.2017.61

DO - 10.1109/ICSME.2017.61

M3 - Conference contribution

AN - SCOPUS:85040576689

T3 - Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017

SP - 284

EP - 294

BT - Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Wang S, Wang P, Wu D. Composite software diversification. In Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017. Institute of Electrical and Electronics Engineers Inc. 2017. p. 284-294. 8094429. (Proceedings - 2017 IEEE International Conference on Software Maintenance and Evolution, ICSME 2017). https://doi.org/10.1109/ICSME.2017.61