A Study on Multi-Variant Execution Environment

Multi-Variant Execution Environment 櫶

櫶割

壟

壟窫

*昢殾堆穟剖 洊匶洛懺击穟抆, 愞壊熺击壟櫶割暒

{mhcho, jwchang, kvnam, dihwang}@sor.snu.ac.kr, [email protected]

G

A Study on Multi-Variant Execution Environment

*Dept. of Electrical and Computer Engineering and Inter-University Semiconductor Research Center (ISRC), Seoul National University.

殚 殚 檃檃 C 歆 C++汆 捊剖洇 沖氦嵢殺 瑚娯 筞凃求嵢 廔汆 稊嵢勾岞弾姪櫖冒 斲岗愡垚 稊嵢勾岞愓 檾檺 決埪. 嬖穢, 捦幾 暓壊歆 笾筞昷 塛把櫖 笊沲 廔汆 IOT, 沊憦娚姢 柢枪癢櫖 洇殯夞処 沎埪. C 歆 C++ 汆 沖氦嵢殺 筞凃汊 儆滆処 沎垚 愞彺櫖 稊嵢勾岞弾汞 抆渂汞穢 瑚娯 愯柣櫖 汞空 櫲峲 狮檃洖汊 愢旣柢琢 击冯 憚氊庂 溣儆柢疲 朞 沎埪. 埪汒汆 歾抆 獮沋沖櫖冒 击冯櫖 穊殚穢 涑汆 暒枪庂 洢击 穦 朞 沎求惆嵢 決峲穢 击冯汊 廏匶 氊穢 憚殯洇汾 匶朦決 穊殚穞埪. 懾 櫶割櫖昢垚 埪汒 狮檃洖櫖 堆穢 击冯汊 廏汊 朞 沎垚 匶朦 渗 穞喞汾 Multi-Variant Execution Environment(MVEE) 匶朦汊 暒儢穞 処 埪汒 匶朦汞 穻柲汾 埪檗穢 Variant 旣昷 愯柣刂 匶浺 櫶割 把昣汊 皻空 穢凊洖汊 処然穞処沖 穢 埪. 1. 昢昢嵦 牢匂 IOT, 沊憦娚姢 匶匶汞 溣儆櫖 娶岂 廔汆 斲恂 姪決 櫶冶夢 柢堆儆 壊岞窎埪. 枪廎瞾 筎汆 儆枪崎汾 滆, 嗏沫処, 珺秮瘶, IP 玦 姷刂汞 皻柦汊 皻空 斲殯沖 儆 懾汾 簺堆洊筚嵢 毖冯 洢檺儆 儆垫穞滆廒, 空疿櫖 堆穢 狮檃洖汊 儜処 沎垚 冉決 筚奖儆 夞処 沎埪. 狮 檃洖汊 洢击穞処 沎垚 毖汾 渗 穞喞垚 廔汆 沊憦娚姢 匶匶姪決 C 歆 C++汊 匶愞求嵢 橦稒庲理決晞汊 壒庲 処 沎埪垚 洖汾塶 埪汒 稊嵢勾岞愓 檾檺汞 瞿昷求嵢 汾空 击冯 儆垫穢 彺洇決 嘙檺滎 朞 沎埪. ͙勾廂͑ ͚͑͢ͺ΀΅͑ 瞾岢姢͟Ό͢Ύ͑ C 歆 C++汆 沖氦嵢殺 瑚娯 筞凃刂 捦幾 柪窏筞凃 求嵢 沊憦娚姢 匶匶擖廒 橊城岂 廔汆 橦稒庲理決晞 洢沗櫖 斲殯夞処 沎垚 憚殯洇汾 稊嵢勾岞愓 檾檺決埪. 沖氦嵢殺 瑚娯筞凃汊 洢击穞垚 瞿昷汊 儆滆滆廒 稊嵢 勾岞愓 儢愢沖汞 抆渂汞嵢 汾空 櫲峲 儆滆 懺橎 怾洢 庂 儆滎 朞 沎埪. 洊 显凊洇求嵢 廔決 斲殯穞垚 微嚆 庲柣 珪嘖汾 Linux, Windows, BSD 姷汆 稊嵢勾岞弾姪 決 瑚娯 愯柣櫖 廔汆 渂汞庂 匶殾決処 沎滆廒 櫲洊粎 橎洊穞滆 橐汆 稊嵢勾岞愓 檾檺庂 斲殯穞惆嵢 廔汆 憊勾儆 浺沲穢埪. 欎庂 姪檺 懺碾洇汾 狮檃洖櫖垚 1) Uninitialized read, 2) Use-after-free, 3) Out-of-bounds 姷決 沎垚塶 埪汒汊 決殯空 击冯沖姪汆 愂儖穢 珪嘖 磲汾 瘶 痎狮, 橚笾筚 疪 痎狮 姷汊 皻空 Privilege escalation 刂 償汆 焮篊汞 击冯求嵢 櫶冶穦 朞 沎埪. 廒檃 击冯 汊 皻空 击冯沖儆 Root 劒穢汊 痎狮穢埪彺 渗殚穢 塶 決瘶櫖 堆穢 洗匂 劒穢汊 儆滎 朞 沎処 IOT 匶匶姪 (IP 玦 姷)汊 皻空 斲殯沖汞 儢汾洛懺儆 氦犢夦 朞壊 沎埪. 橎洊穞滆 橐汆 稊嵢勾岞愓 檾檺庂 斲殯穦 婒 儢愢 沖汞 显愆穢 瑚娯 愯柣求嵢垚 穢凊儆 沎埪. 勾峲惆嵢 櫲峲 儆滆 懺橎 匶憛姪決 穊殚穢塶 埪汒 匶憛櫖垚 洛 洇 把昣汊 皻穢 懆朞 爎匶筚, Bound check, 捊洛旇洇汾 窏壟 微城瘶廇 姷刂 償決 击冯沖櫖冒 暒枪庂 洢击穞 垚 冉汊 廏垚 匶憛姪決 沎処, ASLR(Address Space Layout Randomization), KASLR(Kernel Address Space Layout Randomization)歆 償決 筛幦洇汾 愯檺 匶憛姪決 浺沲穢埪. Fine-grained 匶憛櫖昢垚 櫲峲 击冯櫖 堆穢 嚘汆 愯檺氮汊 懺櫲渂滆廒 嚘汆 昷垫 洆穞庂 愢旣柢

275

疪処 Coarse-grained 匶憛櫖昢垚 喴汆 昷垫洆穞歆 喴汆 捊殯 姷汊 懺櫲渂滆廒 穢洛夢 击冯櫖 堆穢 愯檺廒 儆 垫穞埪.

廔汆 懺橎 匶憛姪 渗 懾 嚂怾櫖昢垚 MVEE(Multi-Variant Execution Environment)櫖 堆空 2 沫櫖昢 昪律穞 処 3 沫櫖昢垚 櫲峲 MVEE 匶憛櫖 堆穢 把昣 廎滆廏 求嵢 4 沫櫖垚 冶嵦刂 MVEE 匶憛櫖 堆空 処然汊 穦 欎洛決埪.

2. MVEE(Multi-Variant Execution Environment) 儢儢噖 NVP(N-Version Programming)垚 1970 噊 Chen and Avicienis[2]櫖 汞空 処橎夞櫎埪. NVP 汞 橊決娚檺垚 櫲 峲 稊嵢勾岞弾嵢 決帊滊 砆廎埪 儇儇 壋沖洇汾 嬗償 汆 稊嵢勾岮汊 廒姪檺 懗崲洇求嵢 壒廂求嵢桮 憊勾庂 煄橊喺垚 愯柣櫖 汞空 犢愢穞欆埪. 穞滆廒 櫋塶決瞾 儆 穊殚穦 婒 微姦 壋沖洇汾 稊嵢勾岮姪汊 埪柢 櫋塶 決瞾空檂 穞惆嵢 嚘汆 氦滆捊殯汊 愢旣柢琶埪. ͙勾廂͑ ͚ͣ͑Ϳ͞ΧΒΣΚΒΟΥ͑΄ΪΤΥΖΞ͑ͷΣΒΞΖΨΠΣΜ͟ΌͤΎ͑ 爎匶 NVP 汞 嚘汆 氦滆捊殯汊 空冶穞匶 氊空 Variant[3]岂垚 儢噖汊 壊沋穞欆埪. Variant 岆 懾滎洇求 嵢 壟沂穢 窏氊庂 穞滆廒 愯柣汊 Variant 廎埪 洛空滊 勢獟櫖 娶岂 埪儇筚穞櫲 捊洛旇洇汾 窏壟決喞 憊勾儆 旣匾 柢 埪幾 窏壟汊 穞壊嵣 廒姦 儢熺決埪. MVEE 汞 Variant 姪汆 壟沂穢 暒枪 瑚姢櫖昢 沖壟洇求嵢 旣昷夞 匶 婒怾櫖 朞壟洇求嵢 埪柢 櫋塶決瞾穦 穊殚儆 櫌檺 爎匶 NVP 汞 埮洖汾 嚘汆 氦滆捊殯汊 儖暒柢琶埪.

MVEE(Multi-variant execution environment) 匶朦汆 橋 汞洇汾 击冯 柢 稊嵢显枪汞 旇痢儆 埲岂滆垚 瞿昷汊 微城瘶廇穞惆嵢 稊嵢勾岮汞 憊勾 痖滆擖廒 橊城岂 懺 橎櫖壊 洇洎穞埪. MVEE 汞 壟沗汆 (勾廂 2)歆 償決 磺庲勾岞碂儆 沋崫汊 愡求彺 埪汒 沋崫汊 懻斲穞櫲 儇儇汞 Variant 姪櫖冒 嬗償決 洊埲穢埪. 櫲匶昢 Variant 姪汆 懾滎洇求嵢 壟沂穢 窏氊庂 穞滆廒 喺抆汞 割浶儆 埪幺惆嵢 喺抆 旇痢櫖 廤冒 橒廤汆 沋崫汊 渞 檂穢埪. 欎庂 姪檺, 儇 沋崫櫖 空埿穞垚 磲汾瘶汞 氊 獞垚 埪庂 朞 沎滆廒, 懾滎洇汾 喺殯汆 償橊檂 穞処 憊碂庂 斲殯穦 柢 氊獞儆 埪幺塚岂壊 憊碂 橎汞 喺殯 汆 償橊檂 穢埪. 埪汒刂 償決 儇 Variant 汆 壟沂穢 窏 氊庂 朞窏穞処 冶刕儘汊 微城瘶嵢 洊埲穞垚塶 決 婒 微城瘶垚 儇儇汞 微城瘶汞 儘汊 捊剖穞櫲 償汆 儘決 喞歚垚滆 捊剖穢埪. 廒檃櫖 壟沂穢 沋崫櫖 堆空 埪幾 犢崫決 喞歚埪彺 埪汒汊 击冯求嵢 儊渂穞処 愂儖穢 塶決瘶庂 0 求嵢 廒姪檺 氦犢汊 廏其喞 稊嵢勾岮汊 涋巒柢疪垚 姷 惾庲 洛空滊 勢獟櫖 娶岂 壟沗穞壊嵣 廒姦埪. 埪汒刂 償決 MVEE 垚 Multi-Variant 姪汊 壟柢櫖 柪 窏柢疪惆嵢 笊堆 彆矶瑚檺 柢枪癢櫖昢 廪殶 洇穯穞埪. 嬖穢, 瞿洛 筞凃櫖 廤冒 犢崫 儘廒 戂 冉汾滆 橊城彺 喺抆 滊窏旇痢庂 洛空滊 憚氊喺櫖昢 戂 冉汾 冉 洛穞 櫲 granularity 庂 浶洛穦 朞 沎求惆嵢 儇儇汞 娚愚決枪 櫖 廤垚 懺橎 朞渆汊 洢击穦 朞 沎埪.

3. MVEE(Multi-Variant Execution Environment) 櫶割

壟窫 MVEE 汆 島痆沊 微城瘶廇 匶朦嵢桮 Lock-step 愯柣 汊 皻空 壟沂穢 沋崫汊 壟匶筚穞櫲 儇儇汞 Variant 櫖 嘩垚埪. 懺橎昷汊 氊空 儇儇汞 Variant 姪汆 彚微庲 Isolate 匶朦汊 斲殯穞櫲 微城瘶歆 恂庲洇求嵢 把庲夞 檺 沎埪. 嬖穢, 昷垫窫旇汊 氊空 Salamat B, Jackson T, Wagner G, et al[4]汆 儇儇汞 Variant 汞 彚微庲 挚嵣汊 击氦柢疪垚 愯柣汊 処橎窎垚塶 微城瘶儆 Variant 姪櫖 冒 塶決瘶庂 洢击穦 婒垚 击氦夢 彚微庲櫖 桮昢 Variant 姪決 沃汆 妪 沖柦汞 穦埿夢 渂暒櫖 槶壊嵣 穞 欆処, 壟沂穞冒 微城瘶儆 儇儇汞 塶決瘶庂 殚熳穦 婒 垚 沖柦汞 渂暒櫖昢 沃檺 击氦夢 彚微庲櫖 槶壊嵣 穞 欆埪. 笊沲 櫶割夢 MVEE 汆 埪檗穢 微城瘶汞 割笊刂 Variant 愯柣汊 儆滆処 沎埪. 堆抆把汞 MVEE 垚 User-space 櫖昢 割笊夞垚塶 勾 決氦垚 User-User-space 稊嵢勾岮 姪汆 櫊冯穞冒 洛汞夢 Syscall 決岂垚 I/O 汾瘶碞決枪 庂 儆滆処 沎匶 婒怾決埪. 勾峲惆嵢 儇儇汞 Variant 姪 汆 Syscall 汊 皻空 壟沂穢 柢儊 儘刂 嘪瞾毒畲 瞾岞穃 汊 儆滎 朞 沎埪. 穞滆廒 Kernel-space 櫖昢垚 勾峲穢 汾瘶碞決枪儆 櫌求惆嵢 犚儆洇汾 壟匶筚 割浶庂 廒姪 檺檂 穢埪. 牢柦 櫶割汾 kMVX[5]垚 Kernel-space 櫖 壟 匶筚 割浶庂 犚儆洇求嵢 廒姪檺 MVEE 庂 割笊穦 朞 沎汒汊 懺櫲渲埪. MVEE 汞 埮洖 渗 穞喞垚 埪汒 匶朦汊 洇殯 柢 當

276

昷垫 洆穞庂 愢旣柢疮埪垚 洖決埪. 瞿粎 I/O 櫖 分崮 夢 Syscall 決 櫶暓洇求嵢 殚熳夞櫎汊 婒 塚 當 昷垫洆 穞庂 懺櫲渂櫎埪. 堆抆把 微城瘶汞 割笊汆 Syscall 汊 儖滆穞垚 ptrace 汾瘶碞決枪櫖 汞空 割笊夞垚塶 4byte 樯 沃垚 瞿昷 婒怾櫖 垖庲埪垚 埮洖決 沎埪. 勾峲惆 嵢 昷垫 洆穞庂 渊決匶 氊空 櫲峲 匶憛姪汞 割笊決 穊殚穞埪. VARAN[6]償汆 凃殶櫖垚 Fast shared memory ring buffer 庂 決殯穞櫲 ptrace 汾瘶碞決枪汞 欪憊竪姢 庂 儖暒柢琶処, ReMon[7]汆 微城瘶嵢 Context switching 決 沂檺喦 婒 當 昷垫 洆穞儆 愢旣穞垚 冉汊 堆旇求 嵢 穞櫲 Syscall 渗 愂儖穢 Syscall 汆 cross-process 微 城瘶庂 決殯穞櫲 歾抆櫖昢 橎洊穞冒 熞庲穞処 愂儖穞 滆 橐汆 Syscall 汆 in-process 微城瘶庂 決殯穞櫲 捦幺 冒 熞庲穞櫲 昷垫 洆穞庂 儖暒柢琶埪. 穞滆廒 埪汒 噾崫櫖壊 抎割穞処 徍 儆滆 憪獞廎畲櫖昢垚 橊滇壊 當 昷垫 洆穞庂 懺櫲渂櫎埪. MVEE 汞 穻柲洇汾 殚暒垚 Variant 汞 昪洛決埪. 檺 嫁冒 Variant 庂 洛穦滆櫖 娶岂 懺橎 朞渆刂 昷垫決 埲 岂滆惆嵢 洇洎穢 廪珪城溞汊 処橎空檂 穢埪. Variant 庂 皻穢 懺橎 朞渆 窫旇汊 氊空 渂汞穦 洖汆 Variant 沖 熺汞 櫚瞾嵢穂懺埪垚 击冯櫖 堆空 儇儇汞 Variant 廎埪 昢嵢 埪幾 窏壟汊 懺櫲渒求嵢桮 击冯櫖 堆穢 痖滆庂 儆垫穞冒 穞垚 冉決埪. 欎庂 姪彺 KASLR 償汆 凃殶 珪嘖 彚微庲汞 崎決橊毉櫖 堆穢 懻沧壊儆 溣儆穞惆嵢 沖熺 櫚瞾嵢穂垚 畲滆廒, 击冯櫖 堆穢 Variant 廎埪汞 旇決穮汊 沧橊嗂 朞 沎垚 垫崫決 嚘埪処垚 廖穦 朞 櫌埪. ͭ祢͑ ͯ͑͢ 狮檃洖͑ 愕͑ 堆汗穞垚͑ ·ΒΣΚΒΟΥ͑ 匶憛姪͑ 笊沲 櫶割夢 Variant 愯柣汆 1)渂暒 击儊 砒矶晚埣, 2)庲憊枪 枪痣, 3)枪痣 砮娯, 4)枪痣 割浶 岢塪筚, 5)律 崿檺 显瞾 岢塪筚, 6)柢枪癢 瑢 憎笾 岢塪筚, 7)塶決瘶 击儊 岢塪筚, 8)Type-based SLAB allocator 姷 櫲峲 儆滆 儆 沎埪. 1)渂暒 击儊 砒矶晚埣 匶憛汆 儆沫 懺碾洇求 嵢 槶決垚 愯柣求嵢 Variant 廎埪 埪幾 洎堆 渂暒 击儊 汊 穦埿穞櫲 击冯沖儆 愂儖穢 磲汾瘶櫖 橋汞洇汾 徯 洇求嵢 洗匂 柢 橒岒汊 殾庲冒 穞垚 愯憛決埪. 穢 Variant 渂暒 击儊櫖 洇憛穢 愂儖穢 磲汾瘶儆 埪幾 Variant 渂暒 击儊櫖昢垚 洇憛穞滆 橐汊 朞 沎垚 冉汊 決殯穢埪. 枪痣汞 磲廽汊 愚咾垚 愯柣汆 爎匶筚儆 橎 夢 懆朞庂 皻穢 塶決瘶 氦犢汊 廏垚 塶 壊毆決 夢埪. 欎庂 姪檺 枪痣 稊崎沊決 pop 夞処 旎嵢殺 枪痣 稊崎 沊決 push 夞櫎汊 婒 旎嵢殺 枪痣 稊崎沊櫖 爎匶筚儆 橎 夢 懆朞儆 沎求彺 決洊 稊崎沊汞 儘汊 儆滆処 沎 汊 朞 沎埪. 2)庲憊枪 枪痣汆 枪痣決 沖岂垚 愯窫汊 埪幺冒 穞垚 匶憛決処, 3)枪痣 砮娯汆 稊崎沊廎埪 岢 塪穞冒 击儊汊 廒姪檺 痆冥決 夞垚 塶決瘶 儘汊 沃滆 忁穞冒 穞垚 愯憛決埪. 嬖穢, 4)枪痣 割浶 岢塪筚庂 決 殯空 穊姢汞 洆沫 朢昢庂 岢塪筚 穞櫲 毖穞垚 塶決瘶 汞 氊獞庂 橒匶 檺崻冒 廒姪 朞 沎埪. 5)律崿檺 显瞾 岢塪筚垚 律崿檺櫖 儇儇汞 Variant 櫖 廤垚 岢塪穢 儘 汊 犚儆空 橋汞洇汾 徯洇汞 律崿檺 柪窏 柢 瞿洛 Variant 櫖昢垚 儆垫穞滆廒 埪幾 Variant 櫖昢垚 抎儆垫 穞冒 廒姪檺 微城瘶儆 痖滆穞冒 廒姢垚 匶憛決埪. 6) 柢枪癢 瑢 憎笾 岢塪筚垚 柪窏廎埪 柢枪癢 瑢憎笾櫖 空埿穞垚 昢捊枪 差矺汊 岢塪筚 穞櫲 击冯沖儆 磲汾 瘶 痎狮庂 皻空 橋汞洇汾 昢捊枪 差矺汊 柪窏穞滆 忁 穞壊嵣 廏垚埪. 7)塶決瘶 击儊 岢塪筚[8]垚 憊碂 欪憊 稒嵢殶庂 痖滆穞垚 匶憛求嵢 儇 Variant 汞 憊碂歆 愂 儖穢 塶決瘶廎埪 埪幾 疪庂 穦埿穞櫲 XOR 櫶斶汊 穞 冒 廒姦埪. 廒檃櫖 憊碂 欪憊 稒嵢殶儆 愢旣穢埪彺 愂儖穢 塶決瘶 橤汞 憊碂汞 疪 儘決 愂儖穢 塶決瘶歆 汞 櫶斶求嵢 欲岂歆 埪幾 Variant 歆 埪幾 冶刂庂 檂匶 穦 冉決埪. 8)Type-based SLAB allocator 汆 kmalloc 汞 朞洛汊 皻空 SLAB allocator 汊 痆沋 匶愞求嵢 愚哚 use-after-free 庂 愯滆穞垚 匶憛決埪. 埪汒刂 償決 埪檗 穢 匶憛姪決 浺沲穞滆廒, 旇筯櫖 廤滆 橐汆 洇殯姪汆 欪粎崪 昷垫 洆穞庂 愢旣柢疲 朞 沎埪. <祢 2> MVEE 櫶割 壟窫[9] 櫲峲 微城瘶廇 匶憛, Variant 匶憛, Memory-space 匶憛 姷汊 皻空 MVEE 櫖 分穢 櫶割姪決 滊窏夞檺 歚埪. Petr Hosek 汆 Bionic C 岂決挒峲庲 匶愞汞 沖柦廒汞 C library function 汊 割笊穢 ‘VARAN[6]’汊 愢祢空 昷垫

277

窫旇汊 懺櫲渲処, K. Koning 汆 hardware-assisted 儆旇筚 匶愞汞 ‘MvArmor[10]’汊 割笊穮求嵢桮 昷垫 儢昦櫖 壊毆汊 渂櫎埪. S.Volckaert 垚 渂暒 砒矶晚埣 匶憛汊 決殯空 ROP (Return Oriented Programming) 击冯汊 廏垚 ‘DCL[11]’汊 懺櫲渂櫎処 渗殚穢 Syscall 廒 cross-process 微城瘶庂 皻空 昦懊洇求嵢 橎洊穞冒 円斲穞垚 ‘ReMon[7]’汊 処橎穞櫲 昷垫 窫旇汊 懺櫲渂櫎埪. 牢匂 櫖垚 S. Osterlund 儆 爎匶筚儆 橎 夢 懆朞庂 皻穢 愂 儖穢 洛懺汞 氦犢汊 痆冥求嵢 Kernel-space 櫖昢 奖 珪 嘖汊 Variant 嵢 昪洛穞櫲 渂暒 砒矶晚埣, 枪痣刂 粟 欇櫳汞 埪儇筚 姷汊 皻空 MVEE 柢枪癢汊 割笊窎埪. 奖 珪嘖櫖 柢儊刂 嘪瞾毒疿汊 壟匶筚穦 朞 沎垚 I/O sync 歆 Copy_to_user 歆 償汆 珪嘖 洛懺儆 氦洆櫖冒 氦犢夦 朞 沎垚 旇筯汊 痖滆穦 朞 沎垚 Syscall sync 庂 割笊空 Kernel space 櫖昢 击冯汊 痖滆穦 朞 沎垚 ‘kMVX[5]’庂 愢祢窎埪. ͙勾廂͑ ͚ͤ͑Μ;·Ή͑ 彚微庲͑ 击儊͟ΌͦΎ͑ 4. 冶冶嵦 愕 処然 懾 嚂怾櫖昢垚 C 歆 C++汞 狮檃洖汊 懺歊穦 朞 沎 垚 MVEE 櫖 堆穢 儢噖刂 穻柲 匶憛汾 Variant 庂 暒 儢窎処, 刂其 MVEE 匶憛抆瘶 牢柦 MVEE 匶憛卒滆 把昣汊 窎埪. 微姦 懺橎 匶憛櫖壊 勾崍姵 昷垫刂 懺 橎汆 Trade-off 分凊櫖 沎埪. 牢柦 櫶割汾 kMVX[5]壊 20~50%汞 嚘汆 昷垫 洆穞庂 懺櫲渂垚塶 橤求嵢 埪汒 怾洢洖汊 儢昦穞匶 氊空昢垚 击冯決 儆空滎 婒 磲刊 洇求嵢 愞堆 窏壟汊 穞垚 Variant 櫖 堆穢 櫶割, 懗崲 洇汾 櫶斶汊 空冶穦 朞 沎垚 穞姢毮檺 微城瘶廇, 穊 殚穢 愯檺 匶憛姪廒 氦壟洇求嵢 洇殯穦 朞 沎垚 微姎 筚櫖 分穢 櫶割 姷決 穊殚穦 冉決埪. 5. ACKNOWLEDGEMENT 懾 櫶割垚 2020 噊壊 洛抆(刂穟匶朦洛懺皻柦抆)汞 沲毖求嵢 穢剳櫶割沲埮(NRF-2017R1A2A1A17069478), 2020 噊壊 奖囒穢剳 21 稒峲枪斲櫋, 2020 噊壊 洛抆(刂 穟匶朦洛懺皻柦抆)汞 沲毖求嵢 洛懺皻柦匶朦滊籫時瘶 (No.2017-0-00213, 垫壟洇 斲洊懺橎汊 氊穢 斲決憊 沖 儆懆決 匶朦 儢愢)汞 滆毖汊 愡橊 朞窏夢 櫶割沊. 焾処怾竒 [1] https://iot-analytics.com/state-of-the-iot-update-q1-q2-2018-number-of-iot-devices-now-7b/

[2] Liming Chen., Algirdas V. Avizienis. “N-version programming: A fault-tolerance approach to reliability of software operation” in Annual International Conference on Fault-Tolerant Computing, Toulouse, 1978, pp.3-9. [3] B. Cox et al. גN-variant systems: A secretless framework

for security through diversityדin USENIX Security, Canada, 2006, pp. 105-120

[4] Salamat, B., Jackson, T., Wagner, G., Wimmer, C., Franz, M., “Runtime defense against code injection attacks using replicated execution” in Department of Computer Science, United States, 2011, pp. 588-601.

[5] S. Österlund., K. Koninh., P. Olivier., A.Barbalace., H.bos., C. Giuffrida. “ kMVX: Detecting Kernel Information Leaks with Multi-variant Execution” in ASPLOS, United States, 2019, pp. 559.

[6]Hosek, P., & Cadar, C. “Varan the unbelievable: An efficient n-version execution framework.” in International Conference on Architectural Support for Programming Languages and Operating Systems – ASPLOS, Istanbul, 2015, Vol. 50, No. 4, pp. 339-353

[7] Volckaert, S., Coppens, B., Voulimeneas, A., Homescu, A., Larsen, P., De Sutter, B., & Franz, M. “Secure and efficient application monitoring and replication” in USENIX Annual Technical, United States, 2016, pp. 167-179

[8] Hwang, Shin, et al. "Data Randomization for Multi-Variant Execution Environment.", in International SoC Design Conference (ISOCC), Jeju, 2019, pp. 291-292 [9] Zhenwu Liu, Zheng Zhang, Jiexin Zhang and Hao Liu. “Multi-Variant Execution Research of Software Diversity” in Journal of Physics: Conference Series, China, 2019, Volume 1325.

[10] Koning, K., Bos, H., & Giuffrida, C. “Secure and efficient multi-variant execution using hardware-assisted process virtualization.” in 2016 46th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), France ,2016, pp. 431-442.

[11] Volckaert, S., Coppens, B., & De Sutter, B. “Cloning your gadgets: Complete ROP attack immunity with multi-variant execution” In IEEE Transactions on Dependable and Secure Computing, 2015, 13(4): 437-450.

278