+32 9 264 98 57 (phone)
+32 9 264 35 94 (fax)
System Software Lab
Computing Systems Lab (CSL)
Electronics and Information Systems (ELIS) department
Sint Pietersnieuwstraat 41
Currently I am working on software diversity. This is a technique where an application instance is transformed into syntactically different, semantically equivalent instances. This concept can be applied to, for example, the problem of Patch Tuesday. In that case, a security update is released to the world, and hackers try to find the original vulnerability by analyzing the patch. If this can be done fast enough, they can exploit this vulnerability with the mass of users that has not yet applied this patch. Using software diversity on this example is like having an obfuscated patch.
My focus is on a toolflow to evaluate the effectiveness of different approaches to software diversity. My group currently has a toolflow to evaluate software diversity. Its goal is to compare 2 semantically equivalent binaries, and give as output to the user an overview of how well it was able to correctly find the actual relationship between the 2 binaries. The idea is that if this tool is able to give a good estimate of how these binaries are related, so could an attacker.
My current goal is to extend this tool in order make it both faster and more accurate. Furthermore, I will evaluate the actual effectiveness of this metric on real-life security patches.
I am also involved with research on mitigating side-channels on modern x86 processors. I worked on a compiler-based toolflow to apply if-conversion to cryptographical code in order to eliminate control-flow related side-channels. I evaluated this technique on a Core 2 setup, and pointed out some problems when using division instructions. I am currently looking into extending this work.
Contact person for Projects:
|Verbeterde softwarematching met dynamische informatie||Master thesis||2013|
|Machine learning voor het vergelijken van softwareversies||Master thesis||2013|
|Return-oriented programming||Master thesis||2013|
|Differentiële aanvallen op software||Master thesis||2013|
Publications to Appear
- Stijn Volckaert, Bart Coppens and Bjorn De Sutter Cloning your gadgets : complete ROP attack immunity with multi-variant execution IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, Vol. 13(4), pp. 437-450 (2016)
- Stijn Volckaert, Bart Coppens and Bjorn De Sutter Cloning your Gadgets: Complete ROP Attack Immunity with Multi-Variant Execution IEEE Transactions on Dependable and Secure Computing, pp. (2015)
- Bart Coppens, Bjorn De Sutter and Koen De Bosschere Protecting your software updates IEEE SECURITY & PRIVACY, Vol. 11(2), pp. 47-54 (2013)
- Bart Coppens, Bjorn De Sutter and Jonas Maebe Feedback-driven binary code diversification ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION, Vol. 9(4), pp. 25 (2013)
- Jeroen Van Cleemput, Bart Coppens and Bjorn De Sutter Compiler mitigations for time attacks on modern x86 processors ACM TRANSACTIONS ON ARCHITECTURE AND CODE OPTIMIZATION, Vol. 8(4), pp. 20 (2012)
- Gunnar Brinkmann and Bart Coppens An Efficient Algorithm for the Generation of Planar Polycyclic Hydrocarbons with a Given Boundary MATCH-COMMUNICATIONS IN MATHEMATICAL AND IN COMPUTER CHEMISTRY, Vol. 62(1), pp. 209-220 (2009)
- Stijn Volckaert, Bart Coppens, Alexios Voulimeneas, Andrei Homescu, Per Larsen, Bjorn De Sutter and Michael Franz Secure and efficient application monitoring and replication PROCEEDINGS OF USENIX ATC '16: 2016 USENIX ANNUAL TECHNICAL CONFERENCE, pp. 167-179 (2016)
- Bert Abrath, Bart Coppens, Stijn Volckaert, Joris Wijnant and Bjorn De Sutter Tightly-coupled self-debugging software protection Proceedings of the 6th Workshop on Software Security, Protection, and Reverse Engineering - SSPREW '16, pp. 10 (2016)
- Ruan de Clercq, Ronald De Keulenaer, Bart Coppens, Bohan Yang, Pieter Maene, Koen de Bosschere, Bart Preneel, Bjorn de Sutter and Ingrid Verbauwhede SOFIA : software and control flow integrity architecture Design, Automation & Test in Europe Conference & Exhibition, pp. 1172-1177 (2016)
- Alessandro Cabutto, Paolo Falcarin, Bert Abrath, Bart Coppens and Bjorn De Sutter Software protection with code mobility Second ACM workshop on moving target defense, Proceedings, pp. 95-103 (2015)
- Bert Abrath, Bart Coppens, Stijn Volckaert and Bjorn De Sutter Obfuscating windows DLLs Workshop on Software Protection, Proceedings, pp. 7 (2015)
- David De Lille, Bart Coppens, Daan Raman and Bjorn De Sutter Automatically combining static malware detection techniques International Conference on Malicious and Unwanted Software, Proceedings, pp. (2015)
- Paolo Tonella, Mariano Ceccato, Bjorn De Sutter and Bart Coppens Poster : a measurement framework to quantify software protections ACM Conference on Computer and Communications Security 2014, Proceedings, pp. 1505-1507 (2014)
- Christophe Foket, Bjorn De Sutter, Bart Coppens and Koen De Bosschere A novel obfuscation : class hierarchy flattening Foundations and Practice of Security, Proceedings, Vol. 7743, pp. 194-210 (2013)
- Daan Raman, Bjorn De Sutter, Bart Coppens, Stijn Volckaert, Koen De Bosschere, Pieter Danhieux and Erik Van Buggenhout DNS tunneling for network penetration Information Security and Cryptology - ICISC 2012. 15th International Conference. Revised Selected Papers, Vol. 7839, pp. 65-77 (2012)
- Bart Coppens, Ingrid Verbauwhede, Koen De Bosschere and Bjorn De Sutter Practical Mitigations for Timing-Based Side-Channel Attacks on Modern x86 Processors 2009 30th IEEE Symposium on Security and Privacy, pp. 45-60 (2009)