Ghent University Academic Bibliography

Advanced

Feedback-driven binary code diversification

Bart Coppens UGent, Bjorn De Sutter UGent and Jonas Maebe (2013) ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION. 9(4).
abstract
As described in many blog posts and in the scientific literature, exploits for software vulnerabilities are often engineered on the basis of patches. For example, "Microsoft Patch Tuesday" is often followed by "Exploit Wednesday" during which yet unpatched systems become vulnerable to patch-based exploits. Part of the patch engineering includes the identification of the vulnerable binary code by means of reverse-engineering tools and diffing add-ons. In this article we present a feedback-driven compiler tool flow that iteratively transforms code until diffing tools become ineffective enough to close the "Exploit Wednesday" window of opportunity. We demonstrate the tool's effectiveness on a set of real-world patches and against the latest version of BinDiff.
Please use this url to cite or link to this publication:
author
organization
year
type
journalArticle (original)
publication status
published
subject
keyword
program matching, patches, binary diffing, software diversity, Security, Compiler transformations, Measurement, Experimentation
journal title
ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION
volume
9
issue
4
article number
24
pages
25 pages
publisher
ACM
Web of Science type
Article
Web of Science id
000313911800001
JCR category
COMPUTER SCIENCE, THEORY & METHODS
JCR impact factor
0.597 (2013)
JCR rank
70/102 (2013)
JCR quartile
3 (2013)
ISSN
1544-3566
DOI
10.1145/2400682.2400683
language
English
UGent publication?
yes
classification
A1
copyright statement
I have transferred the copyright for this publication to the publisher
id
3223531
handle
http://hdl.handle.net/1854/LU-3223531
date created
2013-05-24 11:08:14
date last changed
2016-12-21 15:42:34
@article{3223531,
  abstract     = {As described in many blog posts and in the scientific literature, exploits for software vulnerabilities are often engineered on the basis of patches. For example, {\textacutedbl}Microsoft Patch Tuesday{\textacutedbl} is often followed by {\textacutedbl}Exploit Wednesday{\textacutedbl} during which yet unpatched systems become vulnerable to patch-based exploits. Part of the patch engineering includes the identification of the vulnerable binary code by means of reverse-engineering tools and diffing add-ons. In this article we present a feedback-driven compiler tool flow that iteratively transforms code until diffing tools become ineffective enough to close the {\textacutedbl}Exploit Wednesday{\textacutedbl} window of opportunity. We demonstrate the tool's effectiveness on a set of real-world patches and against the latest version of BinDiff.},
  articleno    = {24},
  author       = {Coppens, Bart and De Sutter, Bjorn and Maebe, Jonas},
  issn         = {1544-3566},
  journal      = {ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION},
  keyword      = {program matching,patches,binary diffing,software diversity,Security,Compiler transformations,Measurement,Experimentation},
  language     = {eng},
  number       = {4},
  pages        = {25},
  publisher    = {ACM},
  title        = {Feedback-driven binary code diversification},
  url          = {http://dx.doi.org/10.1145/2400682.2400683},
  volume       = {9},
  year         = {2013},
}

Chicago
Coppens, Bart, Bjorn De Sutter, and Jonas Maebe. 2013. “Feedback-driven Binary Code Diversification.” Acm Transactions on Architecture and Code Optimization 9 (4).
APA
Coppens, B., De Sutter, B., & Maebe, J. (2013). Feedback-driven binary code diversification. ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION, 9(4).
Vancouver
1.
Coppens B, De Sutter B, Maebe J. Feedback-driven binary code diversification. ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION. ACM; 2013;9(4).
MLA
Coppens, Bart, Bjorn De Sutter, and Jonas Maebe. “Feedback-driven Binary Code Diversification.” ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION 9.4 (2013): n. pag. Print.