The Case for Unpredictability and Deception as OS Features


R. Sun, M. Bishop, N. Ebner, D. Oliveira, and D. Porter, “The Case for Unpredictability and Deception as OS Features,” ;login: 40(4) pp. 12–17(Aug. 2015).



The conventional wisdom is that OS APIs should behave predictably, facilitating software development. From a system security perspective, this predictability creates a disproportionate advantage for attackers. Could making OSes behave unpredictably create a disproportionate advantage for system defenders—significantly increasing the effort to create malware and attacks without too much inconvenience for “good” software? This article explores the potential benefits and challenges of unpredictable and deceptive OS behavior, including preliminary measurements of the relative robustness to unpredictable behavior of malware and production software. We describe Chameleon, an ongoing project to implement OS behavior on a spectrum of unpredictability and deceptiveness.

Bibliographic Information: [BibTeX] [RIS]