Conference proceeding
On achieving software diversity for improved network security using distributed coloring algorithms
Proceedings of the 11th ACM conference on computer and communications security
25 Oct 2004
Abstract
It is widely believed that diversity in operating systems, software packages, and hardware platforms will decrease the virulence of worms and the effectiveness of repeated applications of single attacks. Research efforts in the field have focused on introducing diversity using a variety of techniques on a system-by-system basis. This paper, on the other hand, assumes the availability of diverse software packages for each system and then seeks to increase the intrinsic value of available diversity by considering the entire computer network. We present several distributed algorithms for the assignment of distinct software packages to individual systems and analyze their performance. Our goal is to limit the ability of a malicious node to use a single attack to compromise its neighboring nodes, and by extension, the rest of the nodes in the network. The algorithms themselves are analyzed for attack tolerance, and strategies for improving the security of the individual software assignment schemes are presented. We present a comparative analysis of our algorithms using simulation results on a topology obtained from e-mail traffic logs between users at our institution. We find that hybrid versions of our algorithms incorporating multiple assignment strategies achieve better attack tolerance than any given assignment strategy. Our work thus shows that diversity must be introduced at all levels of system design, including any scheme that is used to introduce diversity itself.
Metrics
5 Record Views
85 citations in Scopus
Details
- Title
- On achieving software diversity for improved network security using distributed coloring algorithms
- Creators
- Adam O'Donnell - Drexel UniversityHarish Sethu - Drexel University
- Publication Details
- Proceedings of the 11th ACM conference on computer and communications security
- Series
- CCS '04
- Publisher
- Association for Computing Machinery (ACM)
- Resource Type
- Conference proceeding
- Language
- English
- Scopus ID
- 2-s2.0-14844337104
- Other Identifier
- 991019312386604721