Application Communities: Using Monoculture for Dependability

Michael E. Locasto; Stelios Sidiroglou; Angelos D. Keromytis

Title:
Application Communities: Using Monoculture for Dependability
Author(s):
Locasto, Michael E.
Sidiroglou, Stelios
Keromytis, Angelos D.
Date:
Type:
Articles
Department:
Computer Science
Permanent URL:
Book/Journal Title:
First Workshop on Hot Topics in System Dependability (HotDep'05): 30 June 2005, Yokohama, Japan
Publisher:
USENIX
Abstract:
Artificial diversity is one method for mitigating the security risks of software monoculture. Introducing diversity increases resilience by obfuscating the system parameters an attacker must control for a successful exploit. We take a different approach to resilience and introduce the concept of Application Communities (AC): collections of independent instances of the same application that cooperatively monitor their execution for flaws and attacks and notify the community when such events are detected. We propose a set of parameters that define an AC and explore the tradeoffs between the minimal size of an AC, the marginal overhead imposed on each member, and the speed with which new faults are detected. We provide a sketch of both analytical and experimental results that show ACs are feasible for current applications: an AC of 15,000 members can monitor Apache for new faults with a 6% performance degradation for each member.
Subject(s):
Computer science