Date : 05/05, 10:00, room B013.
Speaker : Benoit Baudry, Inria Rennes
Title : Automatic software diversification in application code
The phenomenon of “software monoculture” was coined more than a decade ago to highlight the risks of using a handful of operating systems and databases. We believe that a new form of software monoculture is emerging among software applications: the applicative monoculture. In this talk I illustrate different instances of applicative monoculture and motivate the need for diversification in applicative source code. I introduce our work about the automatic synthesis of large sets of program variants, called sosies. Sosies provide the same expected functionality as the original program, while exhibiting different executions. We propose a technique for test suite augmentation to assess the diversity of computation among the sosies. I also introduce how proactive diversification can mitigate browser fingerprinting.