Dealing with System Monocultures

Keromytis, Angelos D.; Prevelakis, Vassilis

Software systems often share common vulnerabilities that allow a single attack to compromise large numbers of machines (write once, exploit everywhere). Borrowing from biology, several researchers have proposed the introduction of artificial diversity in systems as a means for countering this phenomenon. The introduced differences affect the way code is constructed or executed, but retain the functionality of the original system. In this way, systems that exhibit the same functionality have unique characteristics that protect them from common-mode attacks. Over the years, several such techniques have been proposed. We examine some of the most significant techniques and draw conclusions on how they can be used to harden systems against attacks.



Also Published In

Adaptive defence in unclassified networks: papers presented at the RTO Information Systems Technology Panel (IST) symposium held in Toulouse, France, 19 - 20 April 2004
Research & Technology Organisation

More About This Work

Academic Units
Computer Science
Published Here
July 9, 2012