Random Code Variation Compilation Automated software diversity’s performance penalties
Ladda ner
Typ
Examensarbete för masterexamen
Master Thesis
Master Thesis
Program
Computer science – algorithms, languages and logic (MPALG), MSc
Publicerad
2018
Författare
Andersson, Christoffer Hao
Modellbyggare
Tidskriftstitel
ISSN
Volymtitel
Utgivare
Sammanfattning
This thesis investigates automated software diversity applied post linking, as a protection method for legitimate applications. A mutation tool was built that can apply different mutation schemes directly on application binaries. Mutation schemes similar to methods used to hide malicious code were implemented. The schemes were applied to a legitimate application. Three properties were then analyzed for each mutation scheme: correctness, uniqueness and performance. Correctness means proper functionality for the mutated code. Uniqueness is how hard it is to recognize the mutated code, knowing the original. Performance is how the mutation affected the application performance-wise. The result showed that the choice of mutation schemes and their parameters greatly affected the uniqueness and performance. It was found that schemes could be grouped into different scheme types, sharing properties in how they work. Finally, it seems like it would be better to apply mutation on a higher level for both performance and uniqueness, either if machine code could be lifted to a higher-level language or if the mutation were integrated directly in the compiler and linker.
Beskrivning
Ämne/nyckelord
Data- och informationsvetenskap , Computer and Information Science