Tampere University of Technology

TUTCRIS Research Portal

Symbol diversification of linux binaries

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

Details

Original language: English
Title of host publication: 2014 World Congress on Internet Security, WorldCIS 2014
Publisher: Institute of Electrical and Electronics Engineers Inc.
Pages: 74-79
Number of pages: 6
ISBN (Electronic): 9781908320421
Publication status: Published - 30 Jan 2014
Publication type: A4 Article in a conference publication
Event: 2014 World Congress on Internet Security, WorldCIS 2014 - London, United Kingdom
Duration: 8 Dec 2014 - 10 Dec 2014

Conference

Conference: 2014 World Congress on Internet Security, WorldCIS 2014
Country: United Kingdom
City: London
Period: 8/12/14 - 10/12/14

Abstract

In this paper, we advocate large-scale diversification as a method to protect operating systems and render malicious programs ineffective. The idea is to diversify all the indirect library entry points to the system calls on a specific computer. As a result, it becomes very difficult for a piece of malware to access resources. The diversification of indirect system call entry points in operating system libraries is unique for each computer. Therefore, a piece of malware no longer works on several computers and becomes incompatible with their environment. We also present a concrete diversification tool and results on successful diversification. We conclude that despite some challenges, our tool can successfully diversify symbols in binaries and associated libraries in order to protect the system from attacks.