[LLVMdev] Adding diversity for security (and testing)

Nick Kledzik kledzik at apple.com
Mon Aug 26 14:01:20 PDT 2013


On Aug 26, 2013, at 11:39 AM, Stephen Crane <sjcrane at uci.edu> wrote:
> I am a PhD student in the Secure Systems and Software Lab at UC
> Irvine. We have been working on adding randomness into code generation
> to create a diverse population of binaries. This diversity prevents
> code-reuse attacks such as return-oriented-programming (ROP) by
> denying the attacker information about the exact code layout.

How is the "diverse population" of binaries generated and delivered?   The tradition 
software development model is to qualify one “golden master” which is then
duplicated to all customers.

-Nick



More information about the llvm-dev mailing list