A software assignment algorithm for minimizing worm damage in networked systems

Chu Huang, Sencun Zhu, Quanlong Guan, Yongzhong He

Research output: Contribution to journal › Article

1 Citation (Scopus)

Abstract

Homogeneous networked systems are at high risk of being compromised by malicious attacks that exploit a single weakness common to all. Following the survivability through heterogeneity philosophy, we present a novel approach to improving survivability of networked systems via software diversity. In this work, we propose an algorithm for assigning a number of software packages over a network of systems in an intelligent way such that machines running identical software are isolated into small “islands”, hence restricting worm-like attacks from propagating. While developing the algorithm, we take into consideration not only practical constraints, including host functionality and software availability, but also weight, severity and impact range of vulnerability, well balancing and effectively minimizing the potential damage by a single attack. We also introduce possible enhancements by taking advantage of topological features of the network. Finally, we present a comparative analysis of our algorithm using simulation over various network structures. The results not only confirm the effectiveness and scalability of our algorithm, but also show its capability in creating a moving attack surface. The level of heterogeneity our algorithm can actually create depends on the ratio of the number of installed software to the total number of available software.

Original language: English (US)
Pages (from-to): 55-67
Number of pages: 13
Journal: Journal of Information Security and Applications
Volume: 35
DOI: 10.1016/j.jisa.2017.05.004
State: Published - Aug 1 2017

Fingerprint

Software packages
Scalability
Availability

All Science Journal Classification (ASJC) codes

  • Software
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Cite this

@article{e77bdcaf08384bb69e377dfcee5a3822,
title = "A software assignment algorithm for minimizing worm damage in networked systems",
author = "Chu Huang and Sencun Zhu and Quanlong Guan and Yongzhong He",
year = "2017",
month = "8",
day = "1",
doi = "10.1016/j.jisa.2017.05.004",
language = "English (US)",
volume = "35",
pages = "55--67",
journal = "Journal of Information Security and Applications",
issn = "2214-2126",
publisher = "Elsevier Limited",

}

A software assignment algorithm for minimizing worm damage in networked systems. / Huang, Chu; Zhu, Sencun; Guan, Quanlong; He, Yongzhong.

In: Journal of Information Security and Applications, Vol. 35, 01.08.2017, p. 55-67.

TY - JOUR

T1 - A software assignment algorithm for minimizing worm damage in networked systems

AU - Huang, Chu

AU - Zhu, Sencun

AU - Guan, Quanlong

AU - He, Yongzhong

PY - 2017/8/1

Y1 - 2017/8/1

UR - http://www.scopus.com/inward/record.url?scp=85019986412&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85019986412&partnerID=8YFLogxK

U2 - 10.1016/j.jisa.2017.05.004

DO - 10.1016/j.jisa.2017.05.004

M3 - Article

AN - SCOPUS:85019986412

VL - 35

SP - 55

EP - 67

JO - Journal of Information Security and Applications

JF - Journal of Information Security and Applications

SN - 2214-2126

ER -