Toward software diversity in heterogeneous networked systems

Chu Huang, Sencun Zhu, Robert Erbacher

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Scopus citations

Abstract

When there are either design or implementation flaws, a homogeneous architecture is likely to be disrupted entirely by a single attack (e.g., a worm) that exploits its vulnerability. Following the survivability through heterogeneity philosophy, we present a novel approach to improving survivability of networked systems by adopting the technique of software diversity. Specifically, we design an efficient algorithm to select and deploy a set of off-the-shelf software to hosts in a networked system, such that the number and types of vulnerabilities presented on one host would be different from that on its neighboring nodes. In this way, we are able to contain a worm in an isolated "island". This algorithm addresses software assignment problem in more complex scenarios by taking into consideration practical constraints, e.g., hosts may have diverse requirements based on different system prerequisites. We evaluate the performance of our algorithm through simulations on both simple and complex system models. The results confirm the effectiveness and scalability of our algorithm.

Original languageEnglish (US)
Title of host publicationData and Applications Security and Privacy XXVIII - 28th Annual IFIP WG 11.3 Working Conference, DBSec 2014, Proceedings
PublisherSpringer Verlag
Pages114-129
Number of pages16
ISBN (Print)9783662439357
DOIs
StatePublished - Jan 1 2014
Event28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy, DBSEC 2014 - Vienna, Austria
Duration: Jul 14 2014Jul 16 2014

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8566 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other28th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy, DBSEC 2014
CountryAustria
CityVienna
Period7/14/147/16/14

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Toward software diversity in heterogeneous networked systems'. Together they form a unique fingerprint.

  • Cite this

    Huang, C., Zhu, S., & Erbacher, R. (2014). Toward software diversity in heterogeneous networked systems. In Data and Applications Security and Privacy XXVIII - 28th Annual IFIP WG 11.3 Working Conference, DBSec 2014, Proceedings (pp. 114-129). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 8566 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-662-43936-4_8