Protecting Software Against Exploitation with DARPA’s CFAR
https://blog.trailofbits.com/2018/09/10/protecting-software-against-exploitation-with-darpas-cfar/ [blog.trailofbits.com]
2018-09-11 18:53
CFAR is very intuitive and deceptively simple. The system runs multiple versions, or ‘variants,’ of the software in parallel, and uses comparisons between these variants to identify when one or more have diverged from the others in behavior. The idea is akin to an intrusion detection system that compares program behavior against variants of itself running on identical input, instead of against a model of past behavior. When the system detects behavioral divergence, it can infer that something unusual, and possibly malicious, has happened.
Also: https://immunant.com/blog/2018/09/multicompiler/
Also: https://galois.com/blog/2018/09/protecting-applications-with-automated-software-diversity/
source: green