ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Relaxed determinism: making redundant execution on multiprocessors practical
HOTOS'07 Proceedings of the 11th USENIX workshop on Hot topics in operating systems
N-variant IC design: methodology and applications
Proceedings of the 45th annual Design Automation Conference
Diverse replication for single-machine Byzantine-fault tolerance
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
Static Analysis on x86 Executables for Preventing Automatic Mimicry Attacks
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Proceedings of the 4th ACM European conference on Computer systems
Resilient multi-core systems: a hierarchical formal model for N-variant executions
Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies
Polymorphing Software by Randomizing Data Structure Layout
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities
DIMVA '09 Proceedings of the 6th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Privately querying location-based services with SybilQuery
Proceedings of the 11th international conference on Ubiquitous computing
Virtually eliminating router bugs
Proceedings of the 5th international conference on Emerging networking experiments and technologies
Orthrus: efficient software integrity protection on multi-cores
Proceedings of the fifteenth edition of ASPLOS on Architectural support for programming languages and operating systems
Run-time randomization to mitigate tampering
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
ACM Transactions on Computer Systems (TOCS)
N-version disassembly: differential testing of x86 disassemblers
Proceedings of the 19th international symposium on Software testing and analysis
Multi-variant program execution for vulnerability detection and analysis
Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research
On the effectiveness of multi-variant program execution for vulnerability detection and prevention
Proceedings of the 6th International Workshop on Security Measurements and Metrics
Tolerating file-system mistakes with EnvyFS
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
The case for software evolution
Proceedings of the FSE/SDP workshop on Future of software engineering research
Proceedings of the 26th Annual Computer Security Applications Conference
Cruiser: concurrent heap buffer overflow monitoring using lock-free data structures
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
ICCSA'11 Proceedings of the 2011 international conference on Computational science and its applications - Volume Part II
Detecting and surviving data races using complementary schedules
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Efficiently speeding up sequential computation through the n-way programming model
Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications
Behavioral distance measurement using hidden markov models
RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Dependable and Historic Computing
Runtime countermeasures for code injection attacks against C and C++ programs
ACM Computing Surveys (CSUR)
Enhanced operating system security through efficient and fine-grained address space randomization
Security'12 Proceedings of the 21st USENIX conference on Security symposium
TACHYON: tandem execution for efficient live patch testing
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Binary stirring: self-randomizing instruction addresses of legacy x86 binary code
Proceedings of the 2012 ACM conference on Computer and communications security
Feedback-driven binary code diversification
ACM Transactions on Architecture and Code Optimization (TACO) - Special Issue on High-Performance Embedded Architectures and Compilers
Assessing the trustworthiness of drivers
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Memory errors: the past, the present, and the future
RAID'12 Proceedings of the 15th international conference on Research in Attacks, Intrusions, and Defenses
Quantitative survivability evaluation of three virtual machine-based server architectures
Journal of Network and Computer Applications
ChameleonSoft: Software Behavior Encryption for Moving Target Defense
Mobile Networks and Applications
GHUMVEE: efficient, effective, and flexible replication
FPS'12 Proceedings of the 5th international conference on Foundations and Practice of Security
Safe software updates via multi-version execution
Proceedings of the 2013 International Conference on Software Engineering
Multiverse: efficiently supporting distributed high-level speculation
Proceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications
Proceedings of the 2013 Research in Adaptive and Convergent Systems
A survey of software aging and rejuvenation studies
ACM Journal on Emerging Technologies in Computing Systems (JETC) - Special Issue on Reliability and Device Degradation in Emerging Technologies and Special Issue on WoSAR 2011
| Hi-index | 0.00 |
We present an architectural framework for systematically using automated diversity to provide high assurance detection and disruption for large classes of attacks. The framework executes a set of automatically diversified variants on the same inputs, and monitors their behavior to detect divergences. The benefit of this approach is that it requires an attacker to simultaneously compromise all system variants with the same input. By constructing variants with disjoint exploitation sets, we can make it impossible to carry out large classes of important attacks. In contrast to previous approaches that use automated diversity for security, our approach does not rely on keeping any secrets. In this paper, we introduce the N-variant systems framework, present a model for analyzing security properties of N-variant systems, define variations that can be used to detect attacks that involve referencing absolute memory addresses and executing injected code, and describe and present performance results from a prototype implementation.