An experimental evaluation of the assumption of independence in multiversion programming
IEEE Transactions on Software Engineering
Architectural issues in fault-tolerant, secure computing systems
Architectural issues in fault-tolerant, secure computing systems
An Experimental Evaluation of Software Redundancy as a Strategy for Improving Reliability
IEEE Transactions on Software Engineering
Operating system protection through program evolution
Computers and Security
N-Version Design Versus One Good Version
IEEE Software
Building Diverse Computer Systems
HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
The Confused Deputy: (or why capabilities might have been invented)
ACM SIGOPS Operating Systems Review
Countering code-injection attacks with instruction-set randomization
Proceedings of the 10th ACM conference on Computer and communications security
Randomized instruction set emulation to disrupt binary code injection attacks
Proceedings of the 10th ACM conference on Computer and communications security
Review and analysis of synthetic diversity for breaking monocultures
Proceedings of the 2004 ACM workshop on Rapid malcode
An architecture a day keeps the hacker away
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
N-variant systems: a secretless framework for security through diversity
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Multi-variant Program Execution: Using Multi-core Systems to Defuse Buffer-Overflow Vulnerabilities
CISIS '08 Proceedings of the 2008 International Conference on Complex, Intelligent and Software Intensive Systems
When good instructions go bad: generalizing return-oriented programming to RISC
Proceedings of the 15th ACM conference on Computer and communications security
Proceedings of the 4th ACM European conference on Computer systems
Computer viruses as artificial life
Artificial Life
On the effectiveness of the metamorphic shield
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
Multi-variant program execution for vulnerability detection and analysis
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
On the effectiveness of multi-variant program execution for vulnerability detection and prevention
Proceedings of the 6th International Workshop on Security Measurements and Metrics
E unibus pluram: massive-scale software diversity as a defense mechanism
Proceedings of the 2010 workshop on New security paradigms
Runtime Defense against Code Injection Attacks Using Replicated Execution
IEEE Transactions on Dependable and Secure Computing
System structure for software fault tolerance
IEEE Transactions on Software Engineering
Hi-index | 0.00 |
Ubiquitous cyber systems and their supporting infrastructure impact productivity and quality of life immensely. Their penetration in our daily life increases the need for their enhanced resilience and for means to secure and protect them. One major threat is the contemporary software monoculture. Recent research illustrated the vulnerability of the software monoculture and proposed diversity to reduce the attack surface. In this paper, we propose a biologically-inspired defense system, ChameleonSoft, that employs multidimensional software diversity to, in effect, induce spatiotemporal "software behavior encryption" for moving target defense. The key principles of ChameleonSoft are decoupling functional roles from runtime role players; devising intrinsically-resilient composable online-programmable building blocks; separating logic, state and physical resources; and employing functionally-equivalent, behaviorally-different code variants. ChameleonSoft is also equipped with an autonomic failure recovery mechanism for enhanced resilience. Nodes employing ChameleonSoft autonomously and cooperatively change their recovery and encryption policies both proactively and reactively according to the continual changes in context and environment. Using analysis and simulation, our results show that chameleonsoft can encrypt the execution behavior by confusion and diffusion induction at a reasonable overhead.