Source Code Transformations for Improving Security of Time-bounded K-variant Systems

摘要

Context: Source code transformation techniques can improve the security of systems against memory exploitation attacks. As such, the chance of exploitation of security vulnerabilities can be decreased by using different controlled source code transformation techniques. In K-variant architecture, multiple variants of a program are generated through a controlled source code transformation to improve the security of systems.Objective: To investigate the effectiveness and practicality of source code program transformations in improving the security of time-bounded K-variant systems for memory exploitation attacks.Method: The effectiveness of program transformations in improving the security of time-bounded K-variant systems is experimentally investigated for different memory attacks.Results: The results suggest that generating multiple variants using the presented transformations significantly improves the survivability of time-bounded K-variant systems under memory exploitation attacks.Conclusion: We conclude that generating multi-variants in time-bounded K-variant systems in accordance with the presented program transformations may improve the security of time-bounded K-variant systems significantly for memory exploitation attacks with a reasonable cost and overhead.