Computer Science ›› 2018, Vol. 45 ›› Issue (2): 215-221.doi: 10.11896/j.issn.1002-137X.2018.02.037

Previous Articles     Next Articles

Mimic Security Defence Strategy Based on Software Diversity

ZHANG Yu-jia, PANG Jian-min, ZHANG Zheng and WU Jiang-xing   

  • Online:2018-02-15 Published:2018-11-13

Abstract: With the development of reverse engineering,the software industry has suffered a great loss from the software piracy and malicious attack for a long time.Code obfuscation techniques which can hide specific function of a program from malicious analysis for malware is thus frequently employed to mitigate this risk.However,most of the exis-ting obfuscation methods are language embedded and depend on the target architecture,this paper proposed a method of compile-time obfuscation,and further presented a prototype implementedation based on the LLVM compiler infrastructure.Furthermore,this paper implemented a mimic security defence system which is free from malicious attack with the software diversity method.

Key words: Obfuscation,Software diversity,Mimic defence

[1] SCHRITTWIESER S,KATZENBEISSER S,KINDER J,et al.Protecting Software through Obfuscation:Can It Keep Pace with Progress in Code Analysis?[J].ACM Computing Surveys (CSUR),2016,49(1):1-31.
[2] BORELLO J M,M L.Code obfuscation techniques for metamorphic viruses[J].Journal in Computer Virology, 2008,4(3):211-220.
[3] SASIREKHA N,HEMALATHA M.A Thorough Investigation on Software Protection Techniques against Various Attacks[J].Bonfring International Journal of Software Engineering and Soft Computing,2012,2(3):10-15.
[4] BHATKAR S,DUVARNEY D C,SEKAR R.Address Obfuscation:An Efficient Approach to Combat a Broad Range of MemoryError Exploits[C]∥Usenix Security.2003:105-120.
[5] XU J,KALBARCZYK Z,IYER R K.Transparent runtime randomization for security[C]∥International Symposium on Reliable Distributed Systems.2003:260-269.
[6] BARRANTES E G,ACKLEY D H,PALMER T S,et al.Randomized instruction set emulation to disrupt binary code injection attacks[C]∥Proceedings of the 10th ACM Conference on Computer and Communications Security.2003:281-289.
[7] KC G S,KEROMYTIS A D,PREVELAKIS V.Countering codein-jection attacks with instruction-set randomization[C]∥Procee-dings of the 10th ACM Conference on Computer and Communications Security.2003:272-280.
[8] ANCKAERT B,DE SUTTER B,DE BOSSCHERE K.Software piracy prevention through diversity[C]∥Proceedings of the 4th ACM Workshop on Digital Rights Management.2004:63-71.
[9] LARSEN P,HOMESCU A,BRUNTHALER S,et al.SoK:Automated software diversity[C]∥2014 IEEE Symposium on Security and Privacy.2014:276-291.
[10] COLLBERG C,THOMBORSON C,LOW D.A taxonomy of obfuscating transformations[C]∥Department of Computer Scien-ce.New Zealand,1997:1173-3500.
[11] COLLBERG C,THOMBORSON C,LOW D.Manufacturingcheap,resilient,and stealthy opaque constructs[C]∥Procee-dings of the 25th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages.1998:184-196.
[12] BARAK B,GOLDREICH O,IMPAGLIAZZO R,et al.On the(im) possibility of obfuscating programs[C]∥Annual International Cryptology Conference.2001:1-18.
[13] WEE H.On obfuscating point functions[C]∥Proceedings of the Thirty-seventh Annual ACM Symposium on Theory of Computing.2005:523-532.
[14] BENDERSKY D,FUTORANSKY A,NOTARFRANCESCO L,et al.Advanced software protection now.http://www.zentralblatt-math.org/ioport/en/?q=an%3A05767133.
[15] LIN D,STAMP M.Hunting for undetectable metamorphic viruses[J].Journal in Computer Virology,2011,7(3):201-214.
[16] LINN C,DEBRAY S.Obfuscation of executable code to improve resistance to static disassembly[C]∥Proceedings of the 10th ACM Conference on Computer and Communications Security.2003:290-299.
[17] KULKARNI A,METTA R.A New Code Obfuscation Scheme for Software Protection[C]∥ IEEE International Symposium on Service Oriented System Engineering.2014:409-414.
[18] WANG C,DAVIDSON J,HILL J,et al.Protection of software-based survivability mechanisms[C]∥International Conference on Dependable Systems and Networks,2001(DSN 2001).2001:193-202.
[19] SHACHAM H,PAGE M,PFAFF B,et al.On the effectiveness of address-space randomization[C]∥ACM Conference on Computer and Communications Security.2004:298-307.
[20] LARSEN P,BRUNTHALER S,FRANZ M.Security throughdiversity:Are we there yet?[J].IEEE Security & Privacy,2014,12(2):28-35.
[21] JUNOD P,RINALDINI J,WEHRLI J,et al.Obfuscator-LLVM:software protection for the masses[C]∥Proceedings of the 1st International Workshop on Software Protection.2015:3-9.
[22] SCHAEFER I,RABISER R,CLARKE D,et al.Software diversity:state of the art and perspectives[J].International Journal on Software Tools for Technology Transfer,2012,14(5):477-495.
[23] JOSEPH M K.Architectural issues in fault-tolerant,Secure Com-puting Systems[D].Los Angeles:University of California at Los Angeles,1988.
[24] KNIGHT J C,LEVESON N G.An experimental evaluation of the assumption of independence in multiversion programming[J].IEEE Transactions on software engineering,1986,SE-12(1):96-109.
[25] BITANSKY N,VAIKUNTANATHAN V.Indistinguishability Obfuscation from Functional Encryption[C]∥IEEE 56th An-nual Symposium on Foundations of Computer Science.2015:171-190.
[27] WU J X.Mimic Security Defense in Cyber Space [J].Secrecy Science and Technology,2014,10(1):4-9.(in Chinese) 邬江兴.网络空间拟态安全防御[J].保密科学技术,2014,10(1):4-9.
[28] PALSBERG J,KRISHNASWAMY S,KWON M,et al.Experien-ce with software watermarking[C]∥16th Annual Conference Computer Security Applications,2000(ACSAC’00).2000:308-316.
[29] MAJUMDAR A,MONSIFROT A,T HOMBORSON C.On Evaluating Obfuscatory Strength of Alias-based Transforms using Static Analysis[C]∥International Conference on Advanced Computing and Communications.2006:605-610.
[30] YADEGARI B,JOHANNESMEYER B,W HITELY B,et al.A generic approach to automatic deobfuscation of executable code[C]∥2015 IEEE Symposium on Security and Privacy.2015:674-691.
[31] SCHRITTWIESER S,KATZENBEISSER S,K IESEBERG P,et al.Covert Computation—Hiding code in code through compile-time obfuscation[J].Computers & Security,2014,42(4):13-26.
[32] SEBASTIAN S,KATZENBEISSER S,KIESEBERG P,et al.Covert computation:hiding code in code for obfuscation purposes[C]∥ Acm Sigsac Symposium on Information.2013.
[33] SNOW K Z,MONROSE F,DAVI L,et al.Just-in-time codereuse:On the effectiveness of fine-grained address space layout randomization[C]∥2013 IEEE Symposium on Security and Privacy (SP).2013:574-588.

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
[1] LEI Li-hui and WANG Jing. Parallelization of LTL Model Checking Based on Possibility Measure[J]. Computer Science, 2018, 45(4): 71 -75, 88 .
[2] XIA Qing-xun and ZHUANG Yi. Remote Attestation Mechanism Based on Locality Principle[J]. Computer Science, 2018, 45(4): 148 -151, 162 .
[3] LI Bai-shen, LI Ling-zhi, SUN Yong and ZHU Yan-qin. Intranet Defense Algorithm Based on Pseudo Boosting Decision Tree[J]. Computer Science, 2018, 45(4): 157 -162 .
[4] WANG Huan, ZHANG Yun-feng and ZHANG Yan. Rapid Decision Method for Repairing Sequence Based on CFDs[J]. Computer Science, 2018, 45(3): 311 -316 .
[5] SUN Qi, JIN Yan, HE Kun and XU Ling-xuan. Hybrid Evolutionary Algorithm for Solving Mixed Capacitated General Routing Problem[J]. Computer Science, 2018, 45(4): 76 -82 .
[6] ZHANG Jia-nan and XIAO Ming-yu. Approximation Algorithm for Weighted Mixed Domination Problem[J]. Computer Science, 2018, 45(4): 83 -88 .
[7] WU Jian-hui, HUANG Zhong-xiang, LI Wu, WU Jian-hui, PENG Xin and ZHANG Sheng. Robustness Optimization of Sequence Decision in Urban Road Construction[J]. Computer Science, 2018, 45(4): 89 -93 .
[8] LIU Qin. Study on Data Quality Based on Constraint in Computer Forensics[J]. Computer Science, 2018, 45(4): 169 -172 .
[9] ZHONG Fei and YANG Bin. License Plate Detection Based on Principal Component Analysis Network[J]. Computer Science, 2018, 45(3): 268 -273 .
[10] SHI Wen-jun, WU Ji-gang and LUO Yu-chun. Fast and Efficient Scheduling Algorithms for Mobile Cloud Offloading[J]. Computer Science, 2018, 45(4): 94 -99, 116 .