Team for Research in
Ubiquitous Secure Technology

Independence From Obfuscation: A Semantic Framework for Diversity
Riccardo Pucella and Fred B. Schneider

Citation
Riccardo Pucella and Fred B. Schneider. "Independence From Obfuscation: A Semantic Framework for Diversity". Technical report, Cornell University, TR2006-2016, January, 2006.

Abstract
A set of replicas is diverse to the extent that all implement the same functionality but differ in their implementation details. Diverse replicas are less prone to having vulnerabilities in common, because attacks typically depend on memory layout and/or instruction-sequence specifics. Recent work advocates using mechanical means, such as program rewriting, to create such diversity. A correspondence between the specific transformations being employed and the attacks they defend against is often provided, but little has been said about the overall effectiveness of diversity per se in defending against attacks. With this broader goal in mind, we here give a precise characterization of attacks, applicable to viewing diversity as a defense, and also show how mechanically-generated diversity compares to a well-understood defense, strong typing.

Electronic downloads

Citation formats  
  • HTML
    Riccardo Pucella and Fred B. Schneider. <a
    href="http://www.truststc.org/pubs/34.html"
    ><i>Independence From Obfuscation: A Semantic
    Framework for Diversity</i></a>, Technical
    report,  Cornell University, TR2006-2016, January, 2006.
  • Plain text
    Riccardo Pucella and Fred B. Schneider. "Independence
    From Obfuscation: A Semantic Framework for Diversity".
    Technical report,  Cornell University, TR2006-2016, January,
    2006.
  • BibTeX
    @techreport{PucellaSchneider06_IndependenceFromObfuscationSemanticFrameworkForDiversity,
        author = {Riccardo Pucella and Fred B. Schneider},
        title = {Independence From Obfuscation: A Semantic
                  Framework for Diversity},
        institution = {Cornell University},
        number = {TR2006-2016},
        month = {January},
        year = {2006},
        abstract = {A set of replicas is diverse to the extent that
                  all implement the same functionality but differ in
                  their implementation details. Diverse replicas are
                  less prone to having vulnerabilities in common,
                  because attacks typically depend on memory layout
                  and/or instruction-sequence specifics. Recent work
                  advocates using mechanical means, such as program
                  rewriting, to create such diversity. A
                  correspondence between the specific
                  transformations being employed and the attacks
                  they defend against is often provided, but little
                  has been said about the overall effectiveness of
                  diversity per se in defending against attacks.
                  With this broader goal in mind, we here give a
                  precise characterization of attacks, applicable to
                  viewing diversity as a defense, and also show how
                  mechanically-generated diversity compares to a
                  well-understood defense, strong typing.},
        URL = {http://www.truststc.org/pubs/34.html}
    }
    

Posted by Amy D. Fish on 17 Feb 2006.
For additional information, see the Publications FAQ or contact webmaster at www truststc org.

Notice: This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright.