Heterogeneous networking: a new survivability paradigm
Proceedings of the 2001 workshop on New security paradigms
Dispersion games: general definitions and some specific learning results
Eighteenth national conference on Artificial intelligence
Building Diverse Computer Systems
HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
Communications of the ACM - Homeland security
On achieving software diversity for improved network security using distributed coloring algorithms
Proceedings of the 11th ACM conference on Computer and communications security
On the effectiveness of address-space randomization
Proceedings of the 11th ACM conference on Computer and communications security
Countering Network Worms Through Automatic Patch Generation
IEEE Security and Privacy
The N-Version Approach to Fault-Tolerant Software
IEEE Transactions on Software Engineering
IEEE Security and Privacy
Anomalous payload-based worm detection and signature generation
RAID'05 Proceedings of the 8th international conference on Recent Advances in Intrusion Detection
Towards secure and dependable software-defined networks
Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking
Hi-index | 0.00 |
Although many have recognized the risks of software monocultures, it is not currently clear how much and what kind of diversity would be needed to address these risks. Here we attempt to provide insight into this issue using a simple model of hosts and vulnerabilities connected in a bipartite graph. We use this graph to compute diversity metrics as Renyi entropy and to formulate an anti-coordination game to understand why computer host owners would choose to diversify. Since security isn't the only factor considered when choosing software in the real world, we propose a slight variation of the popular security wargame Capture the Flag that can serve as a testbed for understanding the utility of diversity as a defense strategy.