We have been investigating compiler-generated software diversity as a
defense mechanism against software attacks. Imagine an "App Store"
containing a diversification engine (a "multicompiler") that
automatically generates a unique version of every program for every
user. All the different versions of the same program behave in exactly
the same way from the perspective of the end-user, but they implement
their functionality in subtly different ways. As a result, any
specific attack will succeed only on a small fraction of targets. An
attacker would require a large number of different attacks and would
have no way of knowing a priori which specific attack will succeed on
which specific target. Equally importantly, this approach makes it
much more difficult for an attacker to generate attack vectors by way
of reverse engineering of security patches.
We have built such a multicompiler which is now available as a
prototype. We can diversify large software distributions such as the
Chromium web browser or a complete Linux distribution. I will present
some preliminary benchmarks and will also address some practical
issues such as the problem of reporting errors when every binary is
unique, and updating of diversified software.
Prof. Michael Franz is a Professor of Computer Science in UCI's Donald
Bren School of Information and Computer Sciences, a Professor of
Electrical Engineering and Computer Science (by courtesy) in UCI's
Henry Samueli School of Engineering, and the director of UCI's Secure
Systems and Software Laboratory. He received the Dr. sc. techn.
(advisor: Niklaus Wirth) and the Dipl. Informatik-Ing. ETH degrees
from ETH Zurich, the Swiss Federal Institute of Technology.
Software Immunity via Large-Scale Diversification