| Summary: | When diversifying projects composed of multiple C/C++ source files, most of the existing software diversification tools adopt the same diversification method for all functions in a single C/C++ source file, which leads to a single diversification method for each function or source file and a lack of targeted diversification methods. To address this issue, a diversified compilation method combining grouping obfuscation and code awareness based on a Low-Level Virtual Machine (LLVM) intermediate representation is proposed. First, this study designs a preselection library of confusion techniques based on different perspectives, which includes various grouping schemes for confusion techniques. During compilation, code analysis and processing are performed on each traversed function to determine its confusion characteristics. Targeted diversification grouping strategies are selected, and diversification techniques within the group are randomly selected to avoid confusion. This achieves a significantly different diversification scheme for each function, making the generated heterogeneous execution set more diverse and providing basic software support for mimetic and mobile target defense technologies. To verify the method′s effectiveness, a standard test set and typical cases are selected to verify both security and performance. The results indicate that the proposed method can ensure security while having almost no impact on the performance, thus verifying the proposed method′s effectiveness and feasibility in practical applications.
|
|---|
