Diversifying the Software Stack Using Randomized NOP Insertion

  • Todd Jackson
  • Andrei Homescu
  • Stephen Crane
  • Per Larsen
  • Stefan Brunthaler
  • Michael Franz
Conference paper

DOI: 10.1007/978-1-4614-5416-8_8

Part of the Advances in Information Security book series (ADIS, volume 100)
Cite this paper as:
Jackson T., Homescu A., Crane S., Larsen P., Brunthaler S., Franz M. (2013) Diversifying the Software Stack Using Randomized NOP Insertion. In: Jajodia S., Ghosh A., Subrahmanian V., Swarup V., Wang C., Wang X. (eds) Moving Target Defense II. Advances in Information Security, vol 100. Springer, New York, NY

Abstract

Software monoculture is a significant liability from a computer security perspective. Single attacks can ripple through networks and affect large numbers of vulnerable systems. A simple but unusually powerful idea to solve this problem is to use artificial diversity in software systems. After discussing the design space of introducing artificial diversity, we present an in-depth performance analysis of our own technique: randomly inserting non-alignment NOP instructions. We observe that this technique has a moderate performance impact and demonstrate its real world applicability by diversifying a full system stack.

Copyright information

© Springer Science+Business Media New York 2013

Authors and Affiliations

  • Todd Jackson
    • 1
  • Andrei Homescu
    • 1
  • Stephen Crane
    • 1
  • Per Larsen
    • 1
  • Stefan Brunthaler
    • 1
  • Michael Franz
    • 1
  1. 1.Department of Computer ScienceUniversity of CaliforniaIrvineUSA

Personalised recommendations