Diversity-Based Approaches to Software Systems Security

  • Conference paper
Security Technology (SecTech 2011)

Part of the book series: Communications in Computer and Information Science (CCIS, volume 259)

Abstract

Software systems security is a major concern as cyber-attacks continue to grow in number and sophistication. In addition to the increasing complexity and interconnection of modern information systems, these systems run a significant amount of similar software, a situation known as IT monoculture. As a consequence, software systems share common vulnerabilities, which enable the spread of malware. The principle of diversity can help mitigate the negative effects of IT monoculture on security. One important category of diversity-based software approaches for security focuses on enabling efficient and effective dynamic monitoring of software system behavior in operation. In this paper, we briefly present these approaches and propose a new approach that aims at dynamically generating a diverse set of lightweight traces. We initiate the discussion of some research issues that will be the focus of our future research work.

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Gherbi, A., Charpentier, R. (2011). Diversity-Based Approaches to Software Systems Security. In: Kim, Th., Adeli, H., Fang, Wc., Villalba, J.G., Arnett, K.P., Khan, M.K. (eds) Security Technology. SecTech 2011. Communications in Computer and Information Science, vol 259. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27189-2_24

  • DOI: https://doi.org/10.1007/978-3-642-27189-2_24

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-27188-5

  • Online ISBN: 978-3-642-27189-2

  • eBook Packages: Computer Science, Computer Science (R0)
