A quorum-consensus replication method for abstract data types
ACM Transactions on Computer Systems (TOCS)
Consensus in the presence of partial synchrony
Journal of the ACM (JACM)
Implementing fault-tolerant services using the state machine approach: a tutorial
ACM Computing Surveys (CSUR)
Maintaining authenticated communication in the presence of break-ins
PODC '97 Proceedings of the sixteenth annual ACM symposium on Principles of distributed computing
Practical Byzantine fault tolerance
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
A Majority consensus approach to concurrency control for multiple copy databases
ACM Transactions on Database Systems (TODS)
The Byzantine Generals Problem
ACM Transactions on Programming Languages and Systems (TOPLAS)
Communications of the ACM
A method for obtaining digital signatures and public-key cryptosystems
Communications of the ACM
Time, clocks, and the ordering of events in a distributed system
Communications of the ACM
BASE: using abstraction to improve fault tolerance
SOSP '01 Proceedings of the eighteenth ACM symposium on Operating systems principles
Practical byzantine fault tolerance and proactive recovery
ACM Transactions on Computer Systems (TOCS)
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Proactive Secret Sharing Or: How to Cope With Perpetual Leakage
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Weighted voting for replicated data
SOSP '79 Proceedings of the seventh ACM symposium on Operating systems principles
Building Diverse Computer Systems
HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
Software Rejuvenation: Analysis, Module and Applications
FTCS '95 Proceedings of the Twenty-Fifth International Symposium on Fault-Tolerant Computing
Xen and the art of virtualization
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
Randomized instruction set emulation to disrupt binary code injection attacks
Proceedings of the 10th ACM conference on Computer and communications security
Intrusion Tolerance and Anti-Traffic Analysis Strategies For Wireless Sensor Networks
DSN '04 Proceedings of the 2004 International Conference on Dependable Systems and Networks
CODEX: A Robust and Secure Secret Distribution System
IEEE Transactions on Dependable and Secure Computing
On the effectiveness of address-space randomization
Proceedings of the 11th ACM conference on Computer and communications security
Distributed Computing
Randomized instruction set emulation
ACM Transactions on Information and System Security (TISSEC)
A Comprehensive Model for Software Rejuvenation
IEEE Transactions on Dependable and Secure Computing
APSS: proactive secret sharing in asynchronous systems
ACM Transactions on Information and System Security (TISSEC)
DieHard: probabilistic memory safety for unsafe languages
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
Closing Cluster Attack Windows Through Server Redundancy and Rotations
CCGRID '06 Proceedings of the Sixth IEEE International Symposium on Cluster Computing and the Grid
Proactive resilience through architectural hybridization
Proceedings of the 2006 ACM symposium on Applied computing
Independence From Obfuscation: A Semantic Framework for Dive
CSFW '06 Proceedings of the 19th IEEE workshop on Computer Security Foundations
Known/Chosen Key Attacks against Software Instruction Set Randomization
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
Microreboot — A technique for cheap recovery
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Address obfuscation: an efficient approach to combat a board range of memory error exploits
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Where's the FEEB? the effectiveness of instruction set randomization
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
N-variant systems: a secretless framework for security through diversity
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
The N-Version Approach to Fault-Tolerant Software
IEEE Transactions on Software Engineering
The geometry of innocent flesh on the bone: return-into-libc without function calls (on the x86)
Proceedings of the 14th ACM conference on Computer and communications security
Resilient Intrusion Tolerance through Proactive and Reactive Recovery
PRDC '07 Proceedings of the 13th Pacific Rim International Symposium on Dependable Computing
Relaxed determinism: making redundant execution on multiprocessors practical
HOTOS'07 Proceedings of the 11th USENIX workshop on Hot topics in operating systems
The FOREVER service for fault/intrusion removal
Proceedings of the 2nd workshop on Recent advances on intrusiton-tolerant systems
Fast byte-granularity software fault isolation
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Tightlip: keeping applications from spilling the beans
NSDI'07 Proceedings of the 4th USENIX conference on Networked systems design & implementation
Beyond traces and independence
Dependable and Historic Computing
Security and Communication Networks
A survey of software aging and rejuvenation studies
ACM Journal on Emerging Technologies in Computing Systems (JETC) - Special Issue on Reliability and Device Degradation in Emerging Technologies and Special Issue on WoSAR 2011
Hi-index | 0.00 |
Proactive obfuscation is a new method for creating server replicas that are likely to have fewer shared vulnerabilities. It uses semantics-preserving code transformations to generate diverse executables, periodically restarting servers with these fresh versions. The periodic restarts help bound the number of compromised replicas that a service ever concurrently runs, and therefore proactive obfuscation makes an adversary's job harder. Proactive obfuscation was used in implementing two prototypes: a distributed firewall based on state-machine replication and a distributed storage service based on quorum systems. Costs intrinsic to supporting proactive obfuscation in replicated systems were evaluated by measuring the performance of these prototypes. The results show that employing proactive obfuscation adds little to the cost of replica-management protocols.