Abstract
This paper describes a novel cyber attack-resilient server inspired by the concept of biological diversity. The server consists of several virtual machines running different operating systems and different implementations of the same server protocol specification. This approach is based on the observation that not all implementations are affected by the same vulnerability, except for vulnerabilities in specifications and on shared libraries. A prototype system was built and tested to evaluate the continuity of the service. The results showed that, by exploiting a vulnerability, the prototype system could suppress downtime of the DNS service to less than 4 s without false positives.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
Explore related subjects
Discover the latest articles, news and stories from top researchers in related subjects.References
Fratric I (2012) Runtime prevention of return-oriented programming attacks. University of Zagreb. https://code.google.com/p/ropguard/
Cheng Y, Zhou Z, Miao Y, Ding X, Deng H (2014) ROPecker: a generic and practical approach for defending against ROP attack. In: Proc. of the 21st annual network and distributed system security symposium
Okamoto T (2015) SecondDEP: resilient computing that prevents shellcode execution in cyber-attacks. Proc Comput Sci 60:691–699
Tarao M, Okamoto T (2016) Toward an artificial immune server against cyber attacks. In: Proc. of the 21st international symposium on artificial life and robotics, pp 36–39
Pu C (1996) A specialization toolkit to increase the diversity of operating systems. PhD Thesis. Portland State University
Nagy L, Ford R, Allen W (2016) N-version programming for the detection of zero-day exploits. In: IEEE Topical Conference on Cybersecurity
CVE-2014-0160. http://www.cvedetails.com/cve/2014-0160/
Microsoft Corporation (2011) TCP/IP registry values for Microsoft Windows Vista and Windows Server 2008, Microsoft Windows Server 2008 White Paper
Winarno I, Okamoto T, Hata Y, Ishida Y (2015) Implementing SRN for resilient server on the virtual environment using container. Intelligent systems Research Progress Workshop
CVE-2015-5722. http://www.cvedetails.com/cve/2015-5477/
Author information
Authors and Affiliations
Corresponding author
About this article
Cite this article
Sano, F., Okamoto, T., Winarno, I. et al. A cyber attack-resilient server inspired by biological diversity. Artif Life Robotics 21, 345–350 (2016). https://doi.org/10.1007/s10015-016-0286-5
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10015-016-0286-5