This manual provides comprehensive information for the Automated Software Diversity publication, authored by Larsen, Per, Brunthaler, Stefan, and Davi, Lucas. Published by Morgan & Claypool Publishers in 2015, this work delves into the critical area of low-level programming languages and the security challenges they present. It explores automatic software diversity techniques, utilizing randomization to enhance the security of existing codebases and mitigate exploitation risks. The book highlights the effectiveness of diversity-based defenses by demonstrating how unique attack surfaces can thwart single attack strategies, offering an accessible guide to over two decades of research in this field.
The scope of this manual encompasses a detailed examination of software diversity, including complementary methods for diversifying attack surfaces and techniques for preventing the accidental disclosure of randomized program aspects. It features an in-depth case study of a specific diversification solution. This resource is intended for individuals seeking to understand and implement advanced security measures in software development, system administration, and cryptography, providing essential knowledge for professionals and researchers in these domains.
Whereas user-facing applications are often written in modern languages, the firmware, operating system, support libraries, and virtual machines that underpin just about any modern computer system are still written in low-level languages that value flexibility and performance over convenience and safety. Programming errors in low-level code are often exploitable and can, in the worst case, give adversaries unfettered access to the compromised host system. This book provides an introduction to and overview of automatic software diversity techniques that, in one way or another, use randomization to greatly increase the difficulty of exploiting the vast amounts of low-level code in existence. Diversity-based defenses are motivated by the observation that a single attack will fail against multiple targets with unique attack surfaces. We introduce the many, often complementary, ways that one can diversify attack surfaces and provide an accessible guide to more than two decades worth of research on the topic. We also discuss techniques used in conjunction with diversity to prevent accidental disclosure of randomized program aspects and present an in-depth case study of one of our own diversification solutions.
Author: Larsen, Per
Author: Brunthaler, Stefan
Author: Davi, Lucas
Publisher: Morgan & Claypool Publishers
Illustration: n
Language: ENG
Title: Automated Software Diversity
Pages: 00088 (Encrypted PDF)
On Sale: 2015-12-01
SKU-13/ISBN: 9781627057349
Category: Computers : Software Development & Engineering - General
Category: Computers : System Administration - Storage & Retrieval
Category: Computers : Security - Cryptography
Whereas user-facing applications are often written in modern languages, the firmware, operating system, support libraries, and virtual machines that underpin just about any modern computer system are still written in low-level languages that value flexibility and performance over convenience and safety. Programming errors in low-level code are often exploitable and can, in the worst case, give adversaries unfettered access to the compromised host system. This book provides an introduction to and overview of automatic software diversity techniques that, in one way or another, use randomization to greatly increase the difficulty of exploiting the vast amounts of low-level code in existence. Diversity-based defenses are motivated by the observation that a single attack will fail against multiple targets with unique attack surfaces. We introduce the many, often complementary, ways that one can diversify attack surfaces and provide an accessible guide to more than two decades worth of research on the topic. We also discuss techniques used in conjunction with diversity to prevent accidental disclosure of randomized program aspects and present an in-depth case study of one of our own diversification solutions.
Author: Larsen, Per
Author: Brunthaler, Stefan
Author: Davi, Lucas
Publisher: Morgan & Claypool Publishers
Illustration: n
Language: ENG
Title: Automated Software Diversity
Pages: 00088 (Encrypted PDF)
On Sale: 2015-12-01
SKU-13/ISBN: 9781627057349
Category: Computers : Software Development & Engineering - General
Category: Computers : System Administration - Storage & Retrieval
Category: Computers : Security - Cryptography
