Divide and Conquer: Introducing Partial Multi-Variant Execution

Conference Paper (2025)
Author(s)

J. Vinck (Katholieke Universiteit Leuven)

A. Jacobs (Katholieke Universiteit Leuven)

A. Voulimeneas (TU Delft - Cyber Security)

S. Volckaert (Katholieke Universiteit Leuven)

Research Group
Cyber Security
DOI related publication
https://doi.org/10.1109/EuroSP63326.2025.00064
Publication Year
2025
Language
English
Bibliographical Note
Green Open Access added to TU Delft Institutional Repository as part of the Taverne amendment. More information about this copyright law amendment can be found at https://www.openaccess.nl. Otherwise as indicated in the copyright section: the publisher is the copyright holder of this work and the author uses the Dutch legislation to make this work public.
Pages (from-to)
1049-1066
Publisher
IEEE
ISBN (print)
979-8-3315-9494-7
ISBN (electronic)
979-8-3315-9493-0
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

After several decades of defensive research against the exploitation of memory errors, a wide range of techniques has been proposed, yet no silver bullet has been found. Multi-Variant eXecution (MVX) is one promising proposal for defending against a wide range of known and potentially unknown attacks. MVX systems run multiple program variants in parallel on the same inputs while monitoring their behavior and deduplicating their outputs. By constructing these program variants using automated software diversity techniques, we can ensure that the variants behave identically under normal operating conditions but diverge when attacked. The MVX system detects these divergences and reacts appropriately.

State-of-the-art MVX systems have several fundamental problems that inhibit their real-world adoption. First, they often require full source code availability to construct variants and eliminate non-deterministic program behavior. Second, they incur significant resource overhead that linearly increases with the number of variants running in parallel.

We propose Partial Multi-Variant eXecution (PMVX), a technique that can mitigate these problems by limiting the scope of MVX to certain well-delineated parts of a target application and by running the rest of the application in Single-Variant eXecution (SVX) mode. PMVX relaxes the source code availability requirement of traditional MVX systems and yields substantially reduced resource consumption while maintaining the strong security guarantees of these systems. However, PMVX implementations must address the non-trivial problem of ensuring all variants are in equivalent states whenever they switch from SVX to MVX mode.

We designed and implemented a proof-of-concept PMVX system called FORTDIVIDE that solves this state-equivalency problem using state migration and resynchronization. We thoroughly evaluated the security and performance of our system as a whole, and of our state migration and synchronization mechanisms in isolation. We conclude that PMVX has great potential but needs to be applied with the utmost care since the added overhead of state resynchronization can quickly outweigh the benefits of running in SVX mode.

Files

License info not available

File under embargo until 26-02-2026