Application Communities: Using Monoculture for Dependability
Michael E. Locasto; Stelios Sidiroglou; Angelos D. Keromytis
- Computer Science
- Book/Journal Title: First Workshop on Hot Topics in System Dependability (HotDep'05): 30 June 2005, Yokohama, Japan
- Publisher Location: Berkeley, Calif.
- Artificial diversity is one method for mitigating the security risks of software monoculture. Introducing diversity increases resilience by obfuscating the system parameters an attacker must control for a successful exploit. We take a different approach to resilience and introduce the concept of Application Communities (AC): collections of independent instances of the same application that cooperatively monitor their execution for flaws and attacks and notify the community when such events are detected. We propose a set of parameters that define an AC and explore the tradeoffs between the minimal size of an AC, the marginal overhead imposed on each member, and the speed with which new faults are detected. We provide a sketch of both analytical and experimental results that show ACs are feasible for current applications: an AC of 15,000 members can monitor Apache for new faults with a 6% performance degradation for each member.
- Computer science