Wide application security by low-level program code obfuscation techniques



Ville Leppänen, Sampsa Rauti, Samuel Lauren

PublisherMATINE, Ministry of Defense

Puolustusministeriö PL 31 00131 HELSINKI

2014

978-951-25-2635-2

http://www.defmin.fi/files/3035/2500M-0010.pdf



The goal of our research project is to protect security of applications and software systems in a

whole new way: by diversifying implementations of all the software layers and their interfaces

on the binary level. The system call interface of the operating system is diversified uniquely for

each system and all the entry points to this interface are diversified in applications and librar-

ies accordingly. Moreover, the diversification in the library level is transitive. Malware that uses

prior knowledge about existing interfaces in an operating system is now rendered useless be-

cause of diversification. All in all, our diversification based solution is a proactive solution

against the prevailing operating system monoculture. The research project provided a proof-

of-concept implementation for Linux. Our solution does not aim at removing the possible ex-

istence of security holes in Linux but rather making it infeasible to deliver effective malware

through such security holes into the operating system environment.



Last updated on 2024-26-11 at 23:12