Abstract
Software applications distributed as identical copies may present a vulnerability because an exploit discovered in one instance could be replicated across others due to shared internal structures. This publication describes a method to address this vulnerability by generating unique software builds, and which in instances could be used for each download request. The method operates by compiling an application into an intermediate representation, such as a low level virtual machine intermediate representation (LLVM IR) bytecode. Upon receiving a download request, the method performs randomized transformations on the LLVM IR elements, thereby changing the locations of functions, basic block ordering, instruction sequencing, and memory layout within this intermediate representation. A final compilation pass then converts the randomized intermediate representation into executable machine code tailored for the requesting architecture. This method aims to produce functionally equivalent, yet structurally distinct, executable instances, thereby complicating the widespread applicability of exploits. In examples, a customer may use an assigned ID to generate an executable instance of software that can be shared by an organization.
Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.
Recommended Citation
Mason, Joshua, "Intermediate Representation Randomization For Unique Software Builds", Technical Disclosure Commons, ()
https://www.tdcommons.org/dpubs_series/8532