Building software moving targets to prevent massive attacks on distributed applications

Postdoc position for 18 months

Contacts: Olivier Barais (barais@irisa.fr) and Benoit Baudry (benoit.baudry@inria.fr)

Location: INRIA in Rennes, France; DiverSE team.

Context

Don’t reinvent the wheel! All software developers adopt this motto and massively reuse code all over
the software stack. For example, the WordPress content management system is massively reused to
build web sites worldwide: it is used by 24% of the 500000 most popular web sites, according to our
observations in the Spring of 2014.

High gains: From the very infancy of software engineering, software reuse has been an essential
practice to handle the complexity of the software applications that surround us.

High risks: Yet, reuse in the era of the Internet has a darker side: the exact same malware
can be used to infect the exact clones of a software component, which are deployed on millions of
interconnected devices. The term “software monoculture” was coined for this phenomenon more than a decade ago
to highlight the risks of using a handful of operating systems and databases [11]. In recent months,
we have seen spectacular exploitations of such vulnerabilities to create botnets of video cameras or to
distribute ransomware on a large scale.

The main objective of this project is to build a platform to automatically synthesize
massive quantities of variants of client-server software components, to create a moving
target against the large-scale exploitation of vulnerabilities.

Missions

The postdoc applicant is expected to hold a PhD in software engineering or systems and to have publications in international conferences. The selected student will contribute to the following tasks.

Diversity measurement. The quantification of software diversity and its impact on security is a key
challenge in this project. The student will be in charge of defining and testing metrics to measure
diversity.

Experiments. The definition and scientific assessment of diversification technologies heavily rely on
empirical investigations. The student will be in charge of setting up benchmarks and sound
experiments.

Software development. The DiverSE team currently develops several components that will be at
the core of the moving target framework: sosiefier and Kevoree. The student will leverage these techniques to build
an integrated framework for automatic software diversification and reconfiguration.

Dissemination. The postdoc will lead the writing of papers about the project and will present the results in academic and industrial conferences.

References

[1] Simon Allier, Olivier Barais, Benoit Baudry, Johann Bourcier, Erwan Daubert, Franck Fleurey, Martin
Monperrus, Hui Song, and Maxime Tricoire. Multi-tier diversification in web-based software applications.
IEEE Software, 32(1):83–90, Jan 2015.
[2] Benoit Baudry and Martin Monperrus. The Multiple Facets of Software Diversity: Recent Developments
in Year 2000 and Beyond. Technical report, 2015.
[3] Stephanie Forrest, Anil Somayaji, and David Ackley. Building diverse computer systems. In Proc. of
HotOS, pages 67–72, 1997.
[4] Andrei Homescu, Stefan Brunthaler, Per Larsen, and Michael Franz. Librando: transparent code
randomization for just-in-time compilers. In Proc. of CCS’13, pages 993–1004, 2013.
[5] Hamed Okhravi, Thomas Hobson, David Bigelow, and William Streilein. Finding focus in the blur of
moving-target techniques. IEEE Security & Privacy, 12(2):16–26, Mar 2014.
[6] Martin Rinard. Obtaining and reasoning about good enough software. In Proc. of DAC, pages 930–935,
2012.
[7] Eric Schulte, Zachary Fry, Ethan Fast, Westley Weimer, and Stephanie Forrest. Software mutational
robustness. Genetic Programming and Evolvable Machines, pages 1–32, 2013.
[8] Hovav Shacham, Matthew Page, Ben Pfaff, Eu-Jin Goh, Nagendra Modadugu, and Dan Boneh. On the
effectiveness of address-space randomization. In Proc. of CCS, pages 298–307, 2004.
[9] Mary Shaw. Self-healing: softening precision to avoid brittleness: position paper for woss’02: workshop
on self-healing systems. In Proceedings of the first workshop on Self-healing systems, pages 111–114. ACM,
2002.
[10] Stelios Sidiroglou-Douskos, Sasa Misailovic, Henry Hoffmann, and Martin Rinard. Managing performance
vs. accuracy trade-offs with loop perforation. In Proc. of ESEC/FSE, pages 124–134, 2011.