[LLVMdev] Adding diversity for security (and testing)
Nick Kledzik
kledzik at apple.com
Mon Aug 26 14:01:20 PDT 2013
On Aug 26, 2013, at 11:39 AM, Stephen Crane <sjcrane at uci.edu> wrote:
> I am a PhD student in the Secure Systems and Software Lab at UC
> Irvine. We have been working on adding randomness into code generation
> to create a diverse population of binaries. This diversity prevents
> code-reuse attacks such as return-oriented-programming (ROP) by
> denying the attacker information about the exact code layout.
How is the "diverse population" of binaries generated and delivered? The tradition
software development model is to qualify one “golden master” which is then
duplicated to all customers.
-Nick
More information about the llvm-dev
mailing list