
Symbol Diversification of Linux Binaries

Samuel Laurén, Petteri Mäki, Sampsa Rauti, Shohreh Hosseinzadeh, Sami Hyrynsalmi, Ville Leppänen, Symbol Diversification of Linux Binaries. In: Charles A. Shonigun, Galyna A. Akmayeva (Eds.), Proceedings of World Congress on Internet Security (WorldCIS-2014), 75–80, Infonomics Society, 2014.

http://dx.doi.org/10.1109/WorldCIS.2014.7028170

Abstract:

In this paper, we advocate large-scale diversification as a method to protect operating systems and render malicious programs ineffective. The idea is to diversify all the indirect library entry points to the system calls on a specific computer. As a result, it becomes very difficult for a piece of malware to access resources. The diversification of indirect system call entry points in operating system libraries is unique for each computer. Therefore, a piece of malware no longer works on several computers and becomes incompatible with their environment. We also present a concrete diversification tool and results on successful diversification. We conclude that despite some challenges, our tool can successfully diversify symbols in binaries and associated libraries in order to protect the system from attacks.

BibTeX entry:

@INPROCEEDINGS{inpLaMxRaHoHyLe14a,
  title = {Symbol Diversification of Linux Binaries},
  booktitle = {Proceedings of World Congress on Internet Security (WorldCIS-2014)},
  author = {Laurén, Samuel and Mäki, Petteri and Rauti, Sampsa and Hosseinzadeh, Shohreh and Hyrynsalmi, Sami and Leppänen, Ville},
  editor = {Shonigun, Charles A. and Akmayeva, Galyna A.},
  publisher = {Infonomics Society},
  pages = {75–80},
  year = {2014},
  keywords = {API diversification, symbol diversification, renaming, diversifier tool},
  ISSN = {978-1-908320-41-4},
}

Belongs to TUCS Research Unit(s): Software Development Laboratory (SwDev)
