Sphinx: A Secure Architecture Based on Binary Code Diversification and Execution Obfuscation
This addresses security vulnerabilities in binary code deployments for systems requiring protection against exploitation, though it appears incremental as it builds on existing obfuscation techniques.
The paper tackles the problem of securing binary code against attackers by proposing Sphinx, a hardware-software co-design architecture that uses binary code diversification and execution obfuscation to maintain functionality while obfuscating code and states, resulting in minimal system overheads and decoupling execution time, power, and memory/I/O activities from functionality.
Sphinx, a hardware-software co-design architecture for binary code and runtime obfuscation. The Sphinx architecture uses binary code diversification and self-reconfigurable processing elements to maintain application functionality while obfuscating the binary code and architecture states to attackers. This approach dramatically reduces an attacker's ability to exploit information gained from one deployment to attack another deployment. Our results show that the Sphinx is able to decouple the program's execution time, power and memory and I/O activities from its functionality. It is also practical in the sense that the system (both software and hardware) overheads are minimal.