New software continuously scrambles code to foil cyber attacks

As long as humans are writing software, there will be coding mistakes for malicious hackers to exploit. A single bug can open the door to attackers deleting files, copying credit card numbers or carrying out political mischief. A program called shuffler tries to preempt such attacks by allowing programs to repeatedly scramble their code as they run, effectively closing the window of opportunity for an attack. The study’s lead author, David Williams-King said “Shuffler makes it nearly impossible to turn a bug into a functioning attack, defending software developers from their mistakes,” he followed that on by saying”Attackers are unable to figure out the program’s layout if the code keeps changing.”

After debugging some most softwares typically contains up to 50 errors per 1000 lines of code. each are potential avenue for attack. Though security defence are constantly evolving, attackers are quick to find new ways in.

Vasileios Kemerlis, a computer science professor at Brown University said “By the time the server returns the information the attacker needs, it is already invalid Shuffler has already relocated the respective code snippets to different memory locations.” Shuffler runs alongside the code it trying to defend without changing it. According to the researchers shuffler runs faster and requires fewer system changes than similar continuous random software.

The researchers say On computation-heavy workloads, Shuffler slows programs by 15 percent on average, but at larger scales  a web server running on 12 CPU cores, for example the drop in performance is negligible.