2011 | OriginalPaper | Buchkapitel
End-to-End Software Diversification of Internet Services
verfasst von : Mihai Christodorescu, Matthew Fredrikson, Somesh Jha, Jonathon Giffin
Erschienen in: Moving Target Defense
Verlag: Springer New York
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Software diversification has been approached as a tool to provide security guarantees for programs that lack type safety (e.g., programs written in C). In this setting, diversification operates by changing the memory layout of program code or data and by changing the syntax of program code. These techniques succeed as a defense against an attacker’s use of type-safety vulnerabilities (e.g., buffer overflows) because they randomize the key elements necessary to a successful low-level intrusion (memory addresses and memory contents). This chapter proposes to extend software diversification from a point technique, applied to hand-picked aspects of a single program, to an comprehensive technique
applied by default to all components of an application
. Internet services is used as a focused example here.