2005 Articles
Application Communities: Using Monoculture for Dependability
Artificial diversity is one method for mitigating the security risks of software monoculture. Introducing diversity increases resilience by obfuscating the system parameters an attacker must control for a successful exploit. We take a different approach to resilience and introduce the concept of Application Communities (AC): collections of independent instances of the same application that cooperatively monitor their execution for flaws and attacks and notify the community when such events are detected. We propose a set of parameters that de ne an AC and explore the tradeoffs between the minimal size of an AC, the marginal overhead imposed on each member, and the speed with which new faults are detected. We provide a sketch of both analytical and experimental results that show ACs are feasible for current applications: an AC of 15,000 members can monitor Apache for new faults with a 6% performance degradation for each member.
Subjects
Files
- appcomm.pdf application/pdf 151 KB Download File
Also Published In
- Title
- First Workshop on Hot Topics in System Dependability (HotDep'05): 30 June 2005, Yokohama, Japan
- Publisher
- USENIX
More About This Work
- Academic Units
- Computer Science
- Published Here
- July 11, 2012