Multi-variant program execution for vulnerability detection and analysis

Authors:
Todd Jackson;Christian Wimmer;Michael Franz
Affiliations:
University of California, Irvine;University of California, Irvine;University of California, Irvine
Venue:
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
Year:
2010

Citing 4
Cited 1

Strata: A Software Dynamic Translation Infrastructure

Strata: A Software Dynamic Translation Infrastructure
DieHard: probabilistic memory safety for unsafe languages

Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
N-variant systems: a secretless framework for security through diversity

USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Orchestra: intrusion detection using parallel execution and monitoring of program variants in user-space

Proceedings of the 4th ACM European conference on Computer systems

ChameleonSoft: Software Behavior Encryption for Moving Target Defense

Mobile Networks and Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Software vulnerabilities continue to be a major threat. Although significant advances have been made to reduce such vulnerabilities, there are still vulnerabilities that have eluded these techniques, and unfortunately the attackers have also become more sophisticated, employing more devious methods. Moreover, a huge amount of new code is written every year, so that even though the error rate may be decreasing, the overall number of vulnerabilities is still increasing. For example, the number of buffer errors listed in the National Vulnerabilities Database increased from 398 in 2007 to 563 in the year 2008 [7].