Computer Science

Computer Science ›› 2022, Vol. 49 ›› Issue (12): 118-124.doi: 10.11896/jsjkx.211200029

• Computer Software • Previous Articles     Next Articles

Software Diversity Evaluation Method Based on Multi-granularity Features

CHI Yu-ning, GUO Yun-fei, WANG Ya-wen, HU Hong-chao   

  1. Institution of Scientific and Technical Information,People’s Liberation Army Strategic Support Force Information Engineering University,Zhengzhou 450001,China
  • Received:2021-12-02 Revised:2022-05-16 Published:2022-12-14
  • About author:CHI Yu-ning,born in 1995,postgra-duate.Her main research interests include software diversification and mi-micry defense.WANG Ya-wen,born in 1991,Ph.D.His main research interests include cloud computing security and scientific workflow security.
  • Supported by:
    National Key Research and Development Program of China(2021YFB1006200,2021YFB1006201) and National Natural Science Foundation of China(62072467).

PDF (PC)

345

Abstract: Aiming at the problem that existing software diversity evaluation methods generally adopt single feature,a software diversity evaluation method based on multi-granularity feature is proposed.This method analyzes four granularity of program:instruction,function,basic block and binary file.First,different granularity are obtained by small prime product method and dyna-mic weight distribution algorithm.Then,the granularity is analyzed according to the effectiveness of diversification technology.In the experimental part,GNU coreutils is used to comprehensively evaluate 7 software diversification methods.The result is analyzed to verify the applicability of the evaluation algorithm.Experimental results show that this evaluation method can accurately evaluate the effectiveness of software diversification methods from both vertical and horizontal directions,which has reference value for the research direction of subsequent diversification technology.

Key words: Software diversity, Multi-granularity feature, Diversity analysis, Prime product method, Quantitative evaluation

CLC Number: 

  • TP393
[1]LITCHFIELD D.Buffer Underruns,DEP,ASLR and improving the Exploitation Prevention Mechanisms(XPMs) on the Windows platform[J].Next Generation Security Software,2005.https://www.nccgroup.com/globalassets/our-research/uk/whit-epapers/xpms.pdf.
[2]LIVSHITS V B,LAM M S.Finding Security Vulnerabilities in Java Applications with Static Analysis[C]//USENIX Security Symposium.2005,14:18-18.
[3]YAO D,ZHANG Z,ZHANG G F,et al.A Survey on Multi-Variant Execution Security Defense Technology[J].Journal of Information Security,2020,5(5):77-94.
[4]DULLIEN T,ROLLES R.Graph-based comparison of executable objects(english version)[J].SSTIC,2005,5(1):3.
[5]CRISTIANO G,ANTON K,ANDREW S T.Enhanced opera-ting system security through efficient and fine-grained address space randomization[C]//Proceedings of the 21st USENIX Security Symposium.2012:475-490.
[6]HERNANDEZ-CASTRO J,ROSSMAN J.Measuring soft- ware diversity,with applications to security[EB/OL].[2020-04-13].https://arxiv.org/abs/1310.3307vl.
[7]SHANNON C E.A mathematical theory of communication[J].Bell System Technical Journal,1948,27(3):379-423.
[8]COHEN F B.Operating system protection through programevolution[J].Computers & Security,1993,12(6):565-584.
[9]SEBASTIAN B,CHRISTIAN C,VIJAY G,et al.Code Obfuscation Against Symbolic Execution Attacks[C]//Proceedings of the 32nd Annual Conference on Computer Security Applications(ACSAC ’16).2016:189-200.
[10]SEBASTIAN B,CHRISTIAN C,ALEXANDER P.Predictingthe resilience of obfuscated code against symbolic execution attacks via machine learning[C]//Proceedings of the 26th USENIX Security Symposium.2017:661-678
[11]COFFMAN J,CHAKRAVARTY A,RUSSO J A,et al.Quantifying the Effectiveness of Software Diversity using Near-Duplicate Detection Algorithms[C]//Proceedings of the 5th ACM Workshop on Moving Target Defense.2018:1-10
[12]LIU Z W,SUI R,ZHANG Z,et al.Software Diversity Evaluation Based on Information Entropy and Software Complexity [J].Journal of Information Engineering University,2020,21(2):207-213.
[13]GEARHART A S,HAMILTON P A,COFFMAN J.An Analysis of Automated Software Diversity Using Unstructured Text Analytics[C]//2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks Workshops(DSN-W).IEEE,2018.
[14]DULLIEN T,ROLLES R.Graph-based comparison of executable objects(english version)[J/OL].SSTIC,2005.https://www.docin.com/p-1472608287.html.
[15]DONG Q H,WANG Y G.Partition-based binary file similarity comparison method[J].Journal of Computer Applications,2015,35(10):2896-2900.
[16]HOMESCU A,NEISIUS S,LARSEN P,et al.Profile-guidedautomated software diversity[C]//Proceedings of the 2013 IEEE/ACM International Symposium on Code Generation and Optimization(CGO).IEEE,2013:1-11.
[17]JUNO D P,RINALDINI J,WEHRLI J,et al.Obfuscator-LLVM-Software Protection for the Masses[C]//2015 IEEE/ACM 1st International Workshop on Software Protection(SPRO).ACM,2015:3-9.
[18]LARSEN P,HOMESCU A,BRUNTHALER S,et al.SoK:Automated Software Diversity[C]//2014 IEEE Symposium on Security and Privacy.2014:276-291.
[19]LÁSZLÓ T,KISS Á.Obfuscating C++ programs via control flow flattening[J].Annales Universitatis Scientarum Budapestinensis de Rolando Eötvös Nominatae,Sectio Computatorica,2009,30(1):3-19.
[20]COLLBERG C,THOMBORSON C,LOW D.ManufacturingCheap,Resilient,and Stealthy Opaque Constructs[C]//Procee-dings of the 25th ACM SIGPLAN-SIGACT Symposium on Prin-ciples of Programming Languages.1998:184-196.
[1] ZHANG Yuan, KANG Le, GONG Zhao-hui, ZHANG Zhi-hong. Related Transaction Behavior Detection in Futures Market Based on Bi-LSTM [J]. Computer Science, 2022, 49(7): 31-39.
[2] WANG Dong, ZHOU Da-ke, HUANG You-da , YANG Xin. Multi-scale Multi-granularity Feature for Pedestrian Re-identification [J]. Computer Science, 2021, 48(7): 238-244.
[3] ZHANG Yu-jia, PANG Jian-min, ZHANG Zheng and WU Jiang-xing. Mimic Security Defence Strategy Based on Software Diversity [J]. Computer Science, 2018, 45(2): 215-221.
[4] WANG Bing and QUAN Ji-chuan. Evaluation Indexes of Information Service Quality in C2 System [J]. Computer Science, 2016, 43(Z11): 581-584.
[5] HAO Xue-liang, ZHU Xiao-dong and LIU Li. Software Maintainability Evaluation Based on Fractal Theory [J]. Computer Science, 2015, 42(Z11): 497-499.
[6] XIE Xin, LIU Fen-lin, LU Bin and GONG Dao-fu. Quantitative Evaluation for Effectiveness of Code Obfuscation Based on Multi-level Weighted Attributes [J]. Computer Science, 2015, 42(3): 167-173.
[7] ZHANG Wei-xiang,LIU Wen-hong and WU Xin. Quantitative Evaluation Across Software Development Life Cycle Based on Data Fusion [J]. Computer Science, 2013, 40(Z11): 192-195.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
Add:18# Honghu West Rd., Yubei ,Chongqing,China    Post Code: 401121
Tel: 023-63500828/023-67039612/023-67039623
E-mail: jsjkx12@163.com
Powered by Beijing Magtech Co., Ltd.