We are investigating compiler-generated software diversity as a defense mechanism against software attacks. Our solution is centered on an "App Store" containing a diversification engine (a "multicompiler") that automatically generates a unique version of every program each time that a downloader requests it. All the different versions of the same program behave in exactly the same way from the perspective of the end-user, but they implement their functionality in subtly different ways. As a result, any specific attack will succeed only on a small fraction of targets. An attacker would require a large number of different attacks and would have no way of knowing a priori which specific attack will succeed on which specific target. Equally importantly, our approach makes it much more difficult for an attacker to generate attack vectors by way of reverse engineering of security patches.
With the aid of hardware parallelism, such diversity can even be used to detect software attacks at run-time. For this, several variants of the same program are executed simultaneously and in lock-step on different cores of a multiprocessor. We have implemented a prototype that implements this approach for a dual-core x86 architecture. In order to detect a large range of attacks, the two variants of a program that are executed in parallel in our prototype grow the stack in opposite directions, causing stack-smashing, arc injection, and related attacks to affect the two variants differently. Our system is able to stop actual exploit codes when executing unpatched variants of the popular Apache web server, yet incurs only modest performance penalties on the order of 20%. While our current implementation executes two parallel variants, our framework is scalable to higher levels of parallelism with even higher defensive thresholds.
Prof. Michael Franz is a Professor of Computer Science in UCI's Donald Bren School of Information and Computer Sciences, a Professor of Electrical Engineering and Computer Science (by courtesy) in UCI's Henry Samueli School of Engineering, and the director of UCI's Secure Systems and Software Laboratory. He is currently also a visiting Professor of Informatics at ETH Zurich, the Swiss Federal Institute of Technology, from which he previously received the Dr. sc. techn. (advisor: Niklaus Wirth) and the Dipl. Informatik-Ing. ETH degrees.
This talk is organised by the Compilers and Languages Group at the Institute of Computer Languages.
Tea at the library of E185/1, Argentinierstr. 8, 4th floor (central) at 2:30 p.m.