Escuela de Ciencias de la Computacion e Informatica
Universidad de Costa Rica
San Pedro, San Jose
COSTA RICA
gbarrantes@ecci.ucr.ac.cr
After completing my PhD, I returned to my department at the Universidad de Costa Rica. However, I still keep in contact with the Adaptive Group at the University of New Mexico.
I was interested in introducing diversity into computer systems for security purposes. I explored relatively simple measures that, when applied to existing systems will automatically diversify their internal environment enough so simple automated attacks would be made ineffective. This can force attackers to deploy concentrated attacks on each host, elevating the costs enough to discourage all but the most determined attackers.
We have created a randomized instruction set emulator (RISE) based on the open-source Valgrind x86-to-x86 binary translator. This approach allows each program to use its own randomized machine instruction set so that injected binary code from attackers will not execute properly.
More information can be found in the RISE web page. You might consider checking out other interesting projects in the Adaptive Group at the immsec web page
In addition, we have tried to find how safe is to have random instructions executing. Some preliminary results can be found here.