Tailored Source Code Transformations to Synthesize Computationally Diverse Program Variants

Baudry, Benoit; Allier, Simon; Monperrus, Martin

Type de document :

Communication dans un congrès avec actes

DOI :

10.1145/2610384.2610415

Titre :

Tailored Source Code Transformations to Synthesize Computationally Diverse Program Variants

Auteur(s) :

Baudry, Benoit [Auteur]
Diversity-centric Software Engineering [DiverSe]
Allier, Simon [Auteur]
Diversity-centric Software Engineering [DiverSe]
Monperrus, Martin [Auteur]

Université de Lille, Sciences et Technologies
Self-adaptation for distributed services and large software systems [SPIRALS]

Titre de la manifestation scientifique :

Proceedings of the International Symposium on Software Testing and Analysis

Ville :

San Jose

Pays :

Etats-Unis d'Amérique

Date de début de la manifestation scientifique :

2014

Date de publication :

2014

Discipline(s) HAL :

Informatique [cs]/Génie logiciel [cs.SE]

Résumé en anglais : [en]

The predictability of program execution provides attackers a rich source of knowledge who can exploit it to spy or remotely control the program. Moving target defense addresses this issue by constantly switching between ...
Lire la suite >The predictability of program execution provides attackers a rich source of knowledge who can exploit it to spy or remotely control the program. Moving target defense addresses this issue by constantly switching between many diverse variants of a program, which reduces the certainty that an attacker can have about the program execution. The effectiveness of this approach relies on the availability of a large number of software variants that exhibit different executions. However, current approaches rely on the natural diversity provided by off-the-shelf components, which is very limited. In this paper, we explore the automatic synthesis of large sets of program variants, called sosies. Sosies provide the same expected functionality as the original program, while exhibiting different executions. They are said to be computationally diverse. This work addresses two objectives: comparing different transformations for increasing the likelihood of sosie synthesis (densifying the search space for sosies); demonstrating computation diversity in synthesized sosies. We synthesized 30184 sosies in total, for 9 large, real-world, open source applications. For all these programs we identified one type of program analysis that systematically increases the density of sosies; we measured computation diversity for sosies of 3 programs and found diversity in method calls or data in more than 40% of sosies. This is a step towards controlled massive unpredictability of software.Lire moins >

Langue :

Anglais

Comité de lecture :

Oui

Audience :

Internationale

Vulgarisation :

Non

Collections :

Centre de Recherche en Informatique, Signal et Automatique de Lille (CRIStAL) - UMR 9189

Source :

Harvested from HAL

Fichiers

https://hal.archives-ouvertes.fr/hal-00938855/document
Accès libre
Accéder au document

http://arxiv.org/pdf/1401.7635
Accès libre
Accéder au document

https://hal.archives-ouvertes.fr/hal-00938855/document
Accès libre
Accéder au document

document
Accès libre
Accéder au document

sosies.pdf
Accès libre
Accéder au document

1401.7635
Accès libre
Accéder au document

document
Accès libre
Accéder au document

sosies.pdf
Accès libre
Accéder au document

Tailored Source Code Transformations to ... BibTeX CSV Excel RIS

Fichiers

Tailored Source Code Transformations to ...

BibTeX

CSV

Excel

RIS