Multi-Variant Execution Research of Software Diversity

Zhenwu Liu, Zheng Zhang, Jiexin Zhang, Hao Liu
2019 Journal of Physics, Conference Series  
As more and more software products are threatened by malicious reverse analysis, along with software products are pirated, tampered with and so on, it is of great significance to study software security protection technology in depth. As a software security protection technology, software diversification introduces uncertainty into the target program and provides probabilistic protection for the target program. Multi-Variant Execution (MVE) are fine-grained implementation of software
more » ... tion that produces functionally identical variants at the system call level. This article first introduces the related concepts of multivariant execution. Secondly, it expounds the key technologies of multi-variant execution implementation-variant generation, variant monitor, input/output and synchronization, monitor-variant communication. Security of monitors and different variant communication technologies are analyzed and compared, their advantages and defects are pointed out respectively. Several implementation methods of multi-variant execution design are summarized. Finally, the reasons for the false negatives and false positives of attack events are analyzed, and the prospects and challenges of using multi-variant execution techniques to implement security systems are summarized. Another economical way to protect software is to use software diversification. In this way, software vendors will take the technical means rather than legal means to protect intellectual property. Programs that are distributed on a large scale are also vulnerable to attacks of the same size. An attacker only needs one exploit to attack the same replica using the same attack method or even code. The way nature solves this problem is biodiversity. A single plant may die from a pathogen, but due to genetic variation, the entire species can survive. Software developers often use automated software diversification techniques to confuse code to a certain degree, making it difficult for attackers to reverse-analyze the confusing program, avoiding the discovery of software vulnerabilities and the leakage of program source code, ensuring software service security and intellectual property rights. Modern operating systems basically support Address Space Layout Randomization (ASLR)[1], ASLR randomly changes the code's address in memory, thereby reducing the execution success rate of the attack code. Software diversity is a probabilistic defensive approach. The core idea of active defense technology such as Moving Target Defense[2], Mimic Defense[3], is to apply software and hardware diversification techniques to dynamically change the attack surface and increase the workload of the attacker. These active defense technologies hope to change the "rules of the game", using uncertainty to make the offensive and defensive balances tend to defenders, fundamentally changing the asymmetry of attackers and defenders. Software diversification technology is a powerful support for these active defense technologies, which has great research significance. After using the software diversification technology on the software program, the uncertainty of the attack is increased, and the unitary and homogeneity problems brought by the software standardization are avoided. Thereby avoiding the large-scale data leakage and service paralysis caused by the above problems once the attack is successful. At the same time, a mechanism that votes on the output can be a probabilistic defense against attacks such as memory attacks. With the rapid development of cloud computing services and the popularity of multicore processors, the fine-grained domain of software diversification --(Multi-Variant Execution, MVE) technology has also been rapidly developed. This paper will comprehensively summarize the research on the multi-variant execution in recent years. The key technologies of monitor, input/output, synchronization and monitor-variant communication are introduced. The advantages and disadvantages of monitor security and different communication technologies are compared and analyzed. Then it analyzes the causes of false positives and false negatives. The tradeoffs between performance and security are also analyzed. Finally, the work of the full text is summarized.
doi:10.1088/1742-6596/1325/1/012107 fatcat:5xo7gqyy5zgl7otewo64wgstg4