Constraint-Based Software Diversification for Efficient Mitigation of Code-Reuse Attacks

TL;DR

This paper presents DivCon, a constraint-based compiler approach that generates diverse and high-quality assembly code to mitigate code-reuse attacks, balancing security and performance efficiently.

Contribution

DivCon introduces a novel constraint-based method using Large Neighborhood Search to control the trade-off between code diversity and quality in software diversification.

Findings

DivCon effectively mitigates code-reuse attacks.

It achieves near-optimal code quality with high diversity.

The approach demonstrates a practical trade-off between diversity and quality.

Abstract

Modern software deployment process produces software that is uniform, and hence vulnerable to large-scale code-reuse attacks. Compiler-based diversification improves the resilience and security of software systems by automatically generating different assembly code versions of a given program. Existing techniques are efficient but do not have a precise control over the quality of the generated code variants. This paper introduces Diversity by Construction (DivCon), a constraint-based compiler approach to software diversification. Unlike previous approaches, DivCon allows users to control and adjust the conflicting goals of diversity and code quality. A key enabler is the use of Large Neighborhood Search (LNS) to generate highly diverse assembly code efficiently. Experiments using two popular compiler benchmark suites confirm that there is a trade-off between quality of each assembly code version and diversity of the entire pool of versions. Our results show that DivCon allows users to trade between these two properties by generating diverse assembly code for a range of quality bounds. In particular, the experiments show that DivCon is able to mitigate code-reuse attacks effectively while delivering near-optimal code (< 10% optimality gap). For constraint programming researchers and practitioners, this paper demonstrates that LNS is a valuable technique for finding diverse solutions. For security researchers and software engineers, DivCon extends the scope of compiler-based diversification to performance-critical and resource-constrained applications.