Evaluating the Network Diversity of Networks Against Zero-Day Attacks
Diversity has long been regarded as a security mechanism and it has found new applications in security, e.g., in cloud, Moving Target Defense (MTD), and network routing. However, most existing efforts rely on intuitive and imprecise notions of diversity, and the few existing models of diversity are mostly designed for a single system running diverse software replicas or variants. At a higher abstraction level, as a global property of the entire network, diversity and its effect on security have received limited attention. In this chapter, we present a formal model of network diversity as a security metric. Specifically, we first devise a biodiversity-inspired metric based on the effective number of distinct resources. We then propose two complementary diversity metrics, based on the least and the average attacking efforts, respectively. Finally, we evaluate the proposed metrics through simulation.
Authors with Concordia University were partially supported by the Natural Sciences and Engineering Research Council of Canada under Discovery Grant N01035. Sushil Jajodia was partially supported by the by Army Research Office grants W911NF-13-1-0421 and W911NF-15-1-0576, by the Office of Naval Research grant N00014-15-1-2007, National Institutes of Standard and Technology grant 60NANB16D287, and by the National Science Foundation grant IIP-1266147.
- 1.M. Albanese, S. Jajodia, S. Noel, A time-efficient approach to cost-effective network hardening using attack graphs, in Proceedings of DSN’12 (2012), pp. 1–12Google Scholar
- 2.S. Alrabaee, P. Shirani, L. Wang, M. Debbabi, Sigma: a semantic integrated graph matching approach for identifying reused functions in binary code. Digit. Investig. 12(Supplement 1), S61–S71 (2015)Google Scholar
- 3.P. Ammann, D. Wijesekera, S. Kaushik, Scalable, graph-based network vulnerability analysis, in Proceedings of ACM CCS’02 (2002)Google Scholar
- 4.H.A. Basit, S. Jarzabek, Efficient token based clone detection with flexible tokenization, in Proceedings of the 6th joint meeting of the European software engineering conference and the ACM SIGSOFT symposium on The foundations of software engineering (ACM, New York, 2007), pp. 513–516Google Scholar
- 5.S. Bhatkar, D.C. DuVarney, R. Sekar, Address obfuscation: an efficient approach to combat a broad range of memory error exploits, in Proceedings of the 12th USENIX security symposium, Washington, DC, vol. 120 (2003)Google Scholar
- 6.S. Bhatkar, R. Sekar, Data space randomization, in Proceedings of the 5th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA ’08 (Springer, Berlin/Heidelberg, 2008), pp. 1–22Google Scholar
- 7.R. Brixtel, M. Fontaine, B. Lesner, C. Bazin, R. Robbes, Language-independent clone detection applied to plagiarism detection, in 2010 10th IEEE Working Conference on Source Code Analysis and Manipulation (SCAM) (IEEE, Los Alamitos, 2010), pp. 77–86Google Scholar
- 8.J. Caballero, T. Kampouris, D. Song, J. Wang, Would diversity really increase the robustness of the routing infrastructure against software defects? in Proceedings of the Network and Distributed System Security Symposium (2008)Google Scholar
- 9.B.G. Chun, P. Maniatis, S. Shenker, Diverse replication for single-machine byzantine-fault tolerance, in USENIX Annual Technical Conference (2008), pp. 287–292Google Scholar
- 10.B. Cox, D. Evans, A. Filipi, J. Rowanhill, W. Hu, J. Davidson, J. Knight, A. Nguyen-Tuong, J. Hiser, N-variant systems: a secretless framework for security through diversity. Defense Technical Information Center (2006)Google Scholar
- 11.CVE for ubuntu 11.04. http://www.cvedetails.com/vulnerability-list/vendor_id-4781/product_id-20550/version_id-104819/Canonical-Ubuntu-Linux-11.04.html, Sep, 2015.
- 12.T. Dullien, E. Carrera, S.M. Eppler, S. Porst, Automated attacker correlation for malicious code. Technical report, DTIC Document (2010)Google Scholar
- 15.N. Falliere, L.O. Murchu, E. Chien, W32.stuxnet dossier. Symantec Security Response (2011)Google Scholar
- 16.M. Frigault, L. Wang, A. Singhal, S. Jajodia, Measuring network security using dynamic Bayesian network, in Proceedings of 4th ACM QoP (2008)Google Scholar
- 17.K. Gaitanis, E. Cohen, Open bayes 0.1.0. https://pypi.python.org/pypi/OpenBayes (2013)
- 19.M. Garcia, A. Bessani, I. Gashi, N. Neves, R. Obelheiro, OS diversity for intrusion tolerance: myth or reality? in 2011 IEEE/IFIP 41st International Conference on Dependable Systems & Networks (DSN) (2011), pp. 383–394Google Scholar
- 21.S. Jajodia, S. Noel, B. O’Berry, Topological analysis of network attack vulnerability, in Managing Cyber Threats: Issues, Approaches and Challenges, ed. by V. Kumar, J. Srivastava, A. Lazarevic (Kluwer Academic Publisher, Dordrecht, 2003)Google Scholar
- 23.J. Jang, D. Brumley, S. Venkataraman, Bitshred: fast, scalable malware triage. Cylab, Carnegie Mellon University, Pittsburgh, PA, Technical Report CMU-Cylab-10, 22 (2010)Google Scholar
- 24.J.H. Johnson, Identifying redundancy in source code using fingerprints, in Proceedings of the 1993 conference of the Centre for Advanced Studies on Collaborative research: software engineering, vol. 1 (IBM Press, 1993), pp. 171–183Google Scholar
- 25.G.S. Kc, A.D. Keromytis, V. Prevelakis, Countering code-injection attacks with instruction-set randomization, in Proceedings of the 10th ACM conference on Computer and communications security (ACM, New York, 2003), pp. 272–280Google Scholar
- 26.W.M. Khoo, A. Mycroft, R. Anderson, Rendezvous: a search engine for binary code, in Proceedings of the 10th Working Conference on Mining Software Repositories, MSR ’13 (2013), pp. 329–338Google Scholar
- 28.B. Littlewood, L. Strigini, Redundancy and diversity in security. Computer Security–ESORICS 2004 (2004), pp. 423–438Google Scholar
- 30.M.A. McQueen, W.F. Boyer, M.A. Flynn, G.A. Beitel, Time-to-compromise model for cyber risk reduction estimation, in Quality of Protection (Springer, Berlin, 2006), pp. 49–64Google Scholar
- 32.National vulnerability database. Available at: http://www.nvd.org, May 9, 2008.
- 33.X. Ou, W.F. Boyer, M.A. McQueen, A scalable approach to attack graph generation, in Proceedings of the 13th ACM conference on Computer and communications security, CCS’06 (ACM, New York, 2006), pp. 336–345Google Scholar
- 34.E.C. Pielou, Ecological Diversity (Wiley, New York, 1975)Google Scholar
- 35.Penetration testing virtual labs. https://www.offensive-security.com/offensive-security-solutions/virtual-penetration-testing-labs/, Sep, 2015.
- 37.A. Sæbjørnsen, J. Willcock, T. Panas, D. Quinlan, Z. Su, Detecting code clones in binary executables, in Proceedings of the eighteenth international symposium on Software testing and analysis (ACM, New York, 2009), pp. 117–128Google Scholar
- 38.O. Sheyner, J. Haines, S. Jha, R. Lippmann, J.M. Wing, Automated generation and analysis of attack graphs, in Proceedings of the 2002 IEEE Symposium on Security and Privacy (2002)Google Scholar
- 39.L. Wang, M. Zhang, S. Jajodia, A. Singhal, M. Albanese, Modeling network diversity for evaluating the robustness of networks against zero-day attacks, in Proceedings of ESORICS’14 (2014), pp. 494–511Google Scholar
- 40.Y. Yang, S. Zhu, G. Cao, Improving sensor network immunity under worm attacks: a software diversity approach, in Proceedings of the 9th ACM international symposium on Mobile ad hoc networking and computing (ACM, New York, 2008), pp. 149–158Google Scholar