A software assignment algorithm for minimizing worm damage in networked systems

Chu Huang, Sencun Zhu, Quanlong Guan, Yongzhong He

Research output: Contribution to journalArticle

2 Scopus citations

Abstract

Homogeneous networked systems are at high risk of being compromised by malicious attacks that exploit a single weakness common to all. Following the survivability through heterogeneity philosophy, we present a novel approach to improving survivability of networked systems via software diversity. In this work, we propose an algorithm for assigning a number of software packages over a network of systems in an intelligent way such that machines running identical software are isolated into small “islands”, hence restricting the worm-like attacks from propagation. While developing the algorithm, we take into consideration not only practical constraints, including host functionality and software availability, but also weight, severity and impact range of vulnerability, well balancing and effectively minimizing the potential damage by an single attack. We also introduce possible enhancements by taking advantage of topological features of the network. Finally, we present a comparative analysis of our algorithm using simulation over various network structures. The results not only confirm the effectiveness and scalability of our algorithm, but also show its capability in creating moving attack surface. The level of heterogeneity our algorithm can actually create depends on the ratio of the number of installed software to the total number of available software.

Original languageEnglish (US)
Pages (from-to)55-67
Number of pages13
JournalJournal of Information Security and Applications
Volume35
DOIs
StatePublished - Aug 2017

All Science Journal Classification (ASJC) codes

  • Software
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'A software assignment algorithm for minimizing worm damage in networked systems'. Together they form a unique fingerprint.

  • Cite this