Sciweavers

IWSEC
2007
Springer

Run-Time Randomization to Mitigate Tampering

14 years 5 months ago
Run-Time Randomization to Mitigate Tampering
The problem of defending software against tampering by a malicious host is not expected to be solved soon. Rather than trying to defend against the first attack, randomization tries to minimize the impact of a successful attack. Unfortunately, widespread adoption of this technique is hampered by its incompatibility with the current software distribution model, which requires identical physical copies. The ideas presented in this paper are a compromise between distributing identical copies and unique executions by diversifying at run time, based upon additional chaff input and variable program state. This makes it harder to zoom in on a point of interest and may fool an attacker into believing that he has succeeded, while the attack will work only for a short period of time, a small number of computers, or a subset of the input space.
Bertrand Anckaert, Mariusz H. Jakubowski, Ramarath
Added 08 Jun 2010
Updated 08 Jun 2010
Type Conference
Year 2007
Where IWSEC
Authors Bertrand Anckaert, Mariusz H. Jakubowski, Ramarathnam Venkatesan, Koen De Bosschere
Comments (0)