What is a chaff bug? How adding bugs to apps may make them more secure
- Dan Swinhoe for CSO
- September 7, 2018
- Source: https://www.csoonline.com/article/3303570/application-security/what-is-a-chaff-bug-how-adding-bugs-to-apps-can-make-them-more-secure.html
In a new research paper, Chaff Bugs: Deterring Attackers by Making Software Buggier, Brendan Dolan-Gavitt, assistant professor of computer science at the NYU Tandon School of Engineering, and two PhD students, Zhenghao Hu and Yu Hu, suggest a new method of intentionally adding software bugs into code in order to deter attackers. Dubbed “chaff bugs,” the idea is to pack applications with seemingly legitimate-looking but ultimately unexploitable bugs that outnumber and obscure real vulnerabilities.