Instruction Set Limitation in Support of Software Diversity

Authors:
Bjorn Sutter;Bertrand Anckaert;Jens Geiregat;Dominique Chanet;Koen Bosschere
Affiliations:
Electronics and Information Systems Department, Ghent University, Ghent, Belgium 9000;Electronics and Information Systems Department, Ghent University, Ghent, Belgium 9000;Electronics and Information Systems Department, Ghent University, Ghent, Belgium 9000;Electronics and Information Systems Department, Ghent University, Ghent, Belgium 9000;Electronics and Information Systems Department, Ghent University, Ghent, Belgium 9000
Venue:
Information Security and Cryptology --- ICISC 2008
Year:
2009

Citing 10
Cited 2

Superoptimizer: a look at the smallest program

ASPLOS II Proceedings of the second international conference on Architectual support for programming languages and operating systems
Manufacturing cheap, resilient, and stealthy opaque constructs

POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Advanced compiler design and implementation

Advanced compiler design and implementation
Sifting out the mud: low level C++ code reuse

OOPSLA '02 Proceedings of the 17th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Obfuscation of executable code to improve resistance to static disassembly

Proceedings of the 10th ACM conference on Computer and communications security
Hybrid static-dynamic attacks against software protection mechanisms

Proceedings of the 5th ACM workshop on Digital rights management
LOCO: an interactive code (De)obfuscation tool

Proceedings of the 2006 ACM SIGPLAN symposium on Partial evaluation and semantics-based program manipulation
Link-time compaction and optimization of ARM executables

ACM Transactions on Embedded Computing Systems (TECS)
Valgrind: a framework for heavyweight dynamic binary instrumentation

Proceedings of the 2007 ACM SIGPLAN conference on Programming language design and implementation
Steganography for executables and code transformation signatures

ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology

Code obfuscation against static and dynamic reverse engineering

IH'11 Proceedings of the 13th international conference on Information hiding
Covert computation: hiding code in code for obfuscation purposes

Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security

Quantified Score

Hi-index	0.01

Visualization

Abstract

This paper proposes a novel technique, called instruction set limitation, to strengthen the resilience of software diversification against collusion attacks. Such attacks require a tool to match corresponding program fragments in different, diversified program versions. The proposed technique limits the types of instructions occurring in a program to the most frequently occurring types, by replacing the infrequently used types as much as possible by more frequently used ones. As such, this technique, when combined with diversification techniques, reduces the number of easily matched code fragments. The proposed technique is evaluated against a powerful diversification tool for Intel's x86 and an optimized matching process on a number of SPEC 2006 benchmarks.