Dealing with System Monocultures

Abstract

Software systems often share common vulnerabilities that allow a single attack to compromise large numbers of machines (write once, exploit everywhere). Borrowing from biology, several researchers have proposed the introduction of artificial diversity in systems as a means for countering this phenomenon. The introduced differences affect the way code is constructed or executed, but retain the functionality of the original system. In this way, systems that exhibit the same functionality have unique characteristics that protect them from common-mode attacks. Over the years, several such techniques have been proposed. We examine some of the most significant techniques and draw conclusions on how they can be used to harden systems against attacks.


Document Details

Document Type: Technical Report
Publication Date: Nov 01, 2004
Accession Number: ADA447306

Entities

People

  • Angelos Keromytis
  • Vassilis Prevelakis

Organizations

  • Columbia University

Tags

Communities of Interest

  • Cyber
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Abstracts
  • Code Injection
  • Computer Networks
  • Computer Programs
  • Computer Science
  • Computers
  • Computing System Architectures
  • Denial Of Service Attack
  • Information Operations
  • Infrastructure
  • Instruction Set Architecture
  • Language
  • Network Architecture
  • Network Protocols
  • Network Topology
  • Operating Systems
  • Vulnerability

Fields of Study

  • Computer science

Readers

  • Distributed Systems and Data Platform Development
  • Irregular Warfare and Special Operations Cyberspace Operations against Adversarial Threats.
  • Theoretical Analysis.