- May 5, 2016
- Posted by: Jeff Kish
- Categories: Attack Analysis & Mitigation News, Latest News, Networks & Cyber Security News, Research & Development News
Successful cyber-attacks against critical systems are becoming more common. Most current solutions focus on achieving resiliency and survivability, allowing software to continue working in a degraded or compromised state after a cyber-attack. However, there are specific mission requirements for certain critical cyber systems, where it is preferable for the mission software to fail or crash as quickly as possible after a successful cyber-attack. To achieve this “fast-crash” capability, IAI will continue to develop the Binary code Randomization for Attack Sensitive Software (BRASS), which creates “fast-crash” properties by automatically applying novel binary code randomization and transformation diversification techniques to a legacy binary software. The newly generated binary software variant will crash quickly and consistently when attacks or exploits are successful. This technique also provides a proof of functional equivalence for all software variants produced using the BRASS binary transformation method. Further, BRASS has an acceptable size overhead and causes no noticeable degradation in system performance. It provides the level of diversification sufficient to guarantee that an attack that succeeded in the original program or in a single variant will fail or crash other variants. BRASS diversification techniques do not require the source code, symbol store, debugging or relocation information, and can be applied to software binaries that are already deployed by DoD. BRASS can be applied in military and intelligence contexts, and in government and commercial organizations when software integrity and confidentiality is more important than resiliency, as well as when source code and development infrastructure is either unavailable or economically infeasible. It is also useful when redundant and diversified backup systems are available, since a faster failure and timely switch-over would minimize disruption and enhance overall resiliency.