Frankencode: Creating Diverse Programs Using Code Clones
Frankencode: Creating Diverse Programs Using Code Clones
In this paper, we present an approach to detectingnovel cyber attacks though a form of program diversification, similar to the use of n-version programming forfault tolerant systems. Building on extensive previousand ongoing work by others on the use of code clonesin a wide variety of areas, our Functionally EquivalentVariants using Information Synchronization (FEVIS) system automatically generates program variants to berun in parallel, seeking to detect attacks through divergencein behavior. Unlike approaches to diversificationthat only change program memory layout and behavior, FEVIS can detect attacks exploiting vulnerabilities inexecution timing, string processing, and other logicerrors. We are in the early stages of research and developmentfor this approach, but have made sufficientprogress to provide a proof of concept and somelessons learned. In this paper we describe FEVISand its application to diversifying an open-sourcewebserver, with results on several different exampleclasses of attack which FEVIS will detect.
- Adventium Labs (United States) United States
selected citations These citations are derived from selected sources.This is an alternative to the "Influence" indicator, which also reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).2 popularity This indicator reflects the "current" impact/attention (the "hype") of an article in the research community at large, based on the underlying citation network.Average influence This indicator reflects the overall/total impact of an article in the research community at large, based on the underlying citation network (diachronically).Average impulse This indicator reflects the initial momentum of an article directly after its publication, based on the underlying citation network.Average
Citations provided by BIP!Popularity provided by BIP!