Combined software randomization security defense method |
| |
| Authors: | HAN Kun ZHANG Hailin WU Bo XIN Dan REN Zhiyuan |
| |
| Affiliation: | (1. School of Telecommunications Engineering, Xidian Univ., Xi'an 710071, China;2. Dept. of Information Security, Xi'an Communication Institute, Xi'an 710106, China) |
| |
| Abstract: | The traditional software security defense approach has always been faced with the problem of being easy to conquer and hard to defend, so in order to build a software security defense system that is easy to defend and hard to conquer, based on the idea of moving target defense, a combined defense in depth method for software security is designed and implemented to resist the attacks due to software vulnerabilities. The method introduces the mechanism of randomization on the source code and binary code level, and makes those mechanisms work together comprehensively through the design of metadata database, and finally forms a defense in depth for software security protection. The experimental results of the prototype system show that the proposed method can automatically and effectively build a diversity of software, and the generated software shows the uncertainty from both static analysis and dynamic aspects, which makes it difficult to analyze and attack, thus being able to effectively resist the network attacks based on software vulnerabilities. |
| |
| Keywords: | defense standards software generation random complier software defense in depth |
|
| 点击此处可从《西安电子科技大学学报(自然科学版)》浏览原始摘要信息 |
|
点击此处可从《西安电子科技大学学报(自然科学版)》下载全文 |
|
