Tailored Source Code Transformations to Synthesize Computationally Diverse Program Variants

Created by W.Langdon from gp-bibliography.bib Revision:1.3949

@InProceedings{Baudry:2014:ISSTA,
  author =       "Benoit Baudry and Simon Allier and Martin Monperrus",
  title =        "Tailored Source Code Transformations to Synthesize
                 Computationally Diverse Program Variants",
  booktitle =    "Proceedings of the 2014 International Symposium on
                 Software Testing and Analysis, ISSTA 2014",
  year =         "2014",
  pages =        "149--159",
  address =      "San Jose, CA, USA",
  month =        jul # " 21-25",
  publisher =    "ACM",
  keywords =     "genetic algorithms, genetic programming, Genetic
                 Improvement, SBSE, Program Transformation, Software
                 Diversity",
  isbn13 =       "978-1-4503-2645-2",
  acmid =        "2610415",
  URL =          "http://doi.acm.org/10.1145/2610384.2610415",
  DOI =          "doi:10.1145/2610384.2610415",
  abstract =     "The predictability of program execution provides
                 attackers a rich source of knowledge who can exploit it
                 to spy or remotely control the program. Moving target
                 defence addresses this issue by constantly switching
                 between many diverse variants of a program, which
                 reduces the certainty that an attacker can have about
                 the program execution. The effectiveness of this
                 approach relies on the availability of a large number
                 of software variants that exhibit different executions.
                 However, current approaches rely on the natural
                 diversity provided by of-the-shelf components, which is
                 very limited. In this paper, we explore the automatic
                 synthesis of large sets of program variants, called
                 sosies. Sosies provide the same expected functionality
                 as the original program, while exhibiting different
                 executions. They are said to be computationally
                 diverse.

                 This work addresses two objectives: comparing different
                 transformations for increasing the likelihood of sosie
                 synthesis (densifying the search space for sosies);
                 demonstrating computation diversity in synthesized
                 sosies. We synthesized 30 184 sosies in total, for 9
                 large, real-world, open source applications. For all
                 these programs we identified one type of program
                 analysis that systematically increases the density of
                 sosies; we measured computation diversity for sosies of
                 3 programs and found diversity in method calls or data
                 in more than 40percent of sosies. This is a step
                 towards controlled massive unpredictability of
                 software.",
  notes =        "Add/replace AST mutations of existing program's source
                 code. Spoon, JUnit, Dagger, EasyMock. Grid5000 p152
                 'sosiefication is a search problem'. 'natural software
                 diversity' p158 'In total, we were able to synthesize
                 30184 sosies'

                 Definition 1. Sosie (noun). Given a program P , a test
                 suite T S for P and a program transformation T , a
                 variant P 0 =T (P ) is a sosie of P if the two
                 following conditions hold 1) there is at least one test
                 case in T S that executes the part of P that is
                 modified by T 2) all test cases in T S pass on P 0
                 .

                 http://diversify-project.eu/sosiefied-programs/

                 also known as \cite{Baudry:2014:TSC:2610384.2610415}",
}

Genetic Programming entries for Benoit Baudry Simon Allier Martin Monperrus

Citations