Article

Malware resistant networking using system diversity

Author:

Michael G. BaileyAuthors Info & Claims

SIGITE '05: Proceedings of the 6th conference on Information technology education

Pages 191 - 197

https://doi.org/10.1145/1095714.1095759

Published: 20 October 2005 Publication History

Abstract

In the biological world, species are known to ensure survival by introducing variations among individuals of the species, some of which may have superior survival characteristics in the event of certain environmental changes. While not precisely equivalent, networked computer systems also must 'survive' in a rapidly changing environment. In particular, as with its biological analog there are predators in the network world that must be thwarted.This paper shows that in the macro-, as well as in the micro- senses, system diversity is an important tool for network survivability. A malware attack on the Internet can have serious implications for many nodes but is unlikely to cross operating system or server application boundaries and thus to entirely disrupt the heterogeneous Internet.Individual networks that attach to the Internet can be developed using layers of servers, each with a different hardware and/or software basis, to isolate core servers from networked malefactors. Such a topology requires an attacker to employ a wide range of exploits, different ones tailored to each system at each protective layer of systems. This paper demonstrates how the layering technique protects networked systems.

References

[1]

Albert, R., Jeong, H., and Barabasi, A., Error and attack tolerance of complex networks, Nature, 406, (July 2000), 378--382

[2]

Balthrop, J., Forrest, S., Newman, M., and Williamson, M., Technological networks and the spread of computer viruses, Science, 304, (April 2004), 527--529

[3]

Barabasi, A., and Albert, R., Emergence of scaling in random networks, Science, 286, (Oct. 1999), 509--512

[4]

Chen, T., and Robert, J., Worm epidemics in high-speed networks, Computer (June 2004), 48--53

Digital Library

[5]

Forrest, S., Somayaji, A., and Ackley, D, Building diverse computer systems, Proceedings of the 6th Workshop on Hot Topics in Operating Systems, IEEE Computer Society Press, (1997) 67--72

Digital Library

[6]

Geer, D., Monopoly considered harmful, IEEE Security & Privacy, 3, (2003), 14--17

Digital Library

[7]

Geer, D., Bace, R., Gutmann, P., Metzger, P., Pfleeger, C., Quarterman, J., and Schneier, B, CyberInsecurity: the cost of monopoly, Independent Report, Computer & Communications Industry Association, (2002), http://www.ccianet.org/filings/cybersecurity/cyberinsecurity.pdf

[8]

Iheagwara, C., and Blyth, A., The impact of security layering on end-to-end latency and system performance in switched and distributed e-business environments, Computer Networks, 39, (2002), 827--840

Digital Library

[9]

Just, J., and Cornwell, M., Review and analysis of synthetic diversity for breaking monocultures, WORM'04 (ACM), (Oct. 2004), 23--32

Digital Library

[10]

Lai, Y., Motter, A., Nishikawa, T., Park, K., and Zaho, L., Complex networks: dynamics and security, Pramana - Journal of Physics, 64, 4(April 2005), 483--502

[11]

Lee, J., Chapin, S., and Taylor, S., Computational resiliency, Qual. Reliab. Engng. Int., 18, (2002), 185--199

[12]

Littlewood, B., Popov, P., and Strigini, L., Modeling software design diversity - a review, ACM Computing Surveys, 33, 2(June 2001), 177--208

Digital Library

[13]

Milgram, S., The small world problem. Psychol. Today, 2, (1967), 60--67

[14]

O'Donnell, A., and Sethu, H., On achieving software diversity for improved network security using distributed coloring algorithms, CCS'04 (ACM), (Oct. 2004), 121--131

Digital Library

[15]

O'Donnell, A., and Sethy, H., Software diversity as a defense against viral propagation: models and simulations, Proceedings of the Workshop on Principles of Advances and Distributed Simulation, (2005)

Digital Library

[16]

Schneier, B., Blaster and the August 14th Blackout, Crypto-Gram Newsletter, (Dec. 2003), http://www.schneier.com/crypto-gram-0312.html#1

[17]

Shannon, C., A Mathematical Theory of Communication, Bell Syst. Techn. J., 64 (Oct. 1948), 379--423

[18]

Stamp, M., Risks of Monoculture, Comm. ACM, 47, 3(March 2004), 120

Digital Library

Cited By

Zhang QMohammed AWan ZCho JMoore T(2022)Diversity-by-Design for Dependable and Secure Cyber-Physical Systems: A SurveyIEEE Transactions on Network and Service Management10.1109/TNSM.2021.309139119:1(706-728)Online publication date: Mar-2022
https://doi.org/10.1109/TNSM.2021.3091391
Temizkan OPark SSaydam C(2017)Software Diversity for Improved Network Security: Optimal Distribution of Software-Based Shared VulnerabilitiesInformation Systems Research10.1287/isre.2017.072228:4(828-849)Online publication date: Dec-2017
https://doi.org/10.1287/isre.2017.0722
Morris-King JCam H(2016)Controlling proximity-malware infection in diverse tactical mobile networks using K-distance pruningMILCOM 2016 - 2016 IEEE Military Communications Conference10.1109/MILCOM.2016.7795377(503-508)Online publication date: Nov-2016
https://doi.org/10.1109/MILCOM.2016.7795377
Show More Cited By

Index Terms

Malware resistant networking using system diversity
1. Security and privacy
  1. Cryptography
    1. Cryptanalysis and other attacks
  2. Intrusion/anomaly detection and malware mitigation
2. Social and professional topics
  1. Computing / technology policy
    1. Computer crime

Recommendations

The Monoculture Risk Put into Context

Conventional wisdom holds that software monocultures are exceptionally vulnerable to malware outbreaks. The authors argue that this oversimplifies and misleads. An analysis based on attacker reactions likely to be evoked by successive generations of ...
Heterogeneous networking: a new survivability paradigm
NSPW '01: Proceedings of the 2001 workshop on New security paradigms

We believe that a network, to be survivable, must be heterogeneous. Just like a species that draws on a small gene pool can succumb to a single environmental threat, so a homogeneous network is vulnerable to a malicious attack that exploits a single ...
Towards Malware-Resistant Networking Environment
SYSSEC '11: Proceedings of the 2011 First SysSec Workshop

The modern cyber crime activities largely rely on malware-based infrastructure, i.e. botnets and backdoors in popular services for collecting private financial data, distributed denial of service and etc. A significant effort to develop better methods ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

SIGITE '05: Proceedings of the 6th conference on Information technology education

October 2005

402 pages

ISBN:1595932526

DOI:10.1145/1095714

General Chair:
Rob Friedman
New Jersey Institute of Technology, Newark, NJ

Copyright © 2005 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 20 October 2005

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

SIGITE05

Sponsor:

SIGITE05: ACM Special Interest Group for Information Technology Education Conference 2005

October 20 - 22, 2005

NJ, Newark, USA

Acceptance Rates

Overall Acceptance Rate 176 of 429 submissions, 41%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
626
Total Downloads

Downloads (Last 12 months)4
Downloads (Last 6 weeks)0

Reflects downloads up to 08 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Zhang QMohammed AWan ZCho JMoore T(2022)Diversity-by-Design for Dependable and Secure Cyber-Physical Systems: A SurveyIEEE Transactions on Network and Service Management10.1109/TNSM.2021.309139119:1(706-728)Online publication date: Mar-2022
https://doi.org/10.1109/TNSM.2021.3091391
Temizkan OPark SSaydam C(2017)Software Diversity for Improved Network Security: Optimal Distribution of Software-Based Shared VulnerabilitiesInformation Systems Research10.1287/isre.2017.072228:4(828-849)Online publication date: Dec-2017
https://doi.org/10.1287/isre.2017.0722
Morris-King JCam H(2016)Controlling proximity-malware infection in diverse tactical mobile networks using K-distance pruningMILCOM 2016 - 2016 IEEE Military Communications Conference10.1109/MILCOM.2016.7795377(503-508)Online publication date: Nov-2016
https://doi.org/10.1109/MILCOM.2016.7795377
Yang YZhu SCao G(2016)Improving sensor network immunity under worm attacksAd Hoc Networks10.1016/j.adhoc.2016.04.01147:C(26-40)Online publication date: 1-Sep-2016
https://dl.acm.org/doi/10.1016/j.adhoc.2016.04.011
Liu WNishiyama HAnsari NKato N(2011)A Study on Certificate Revocation in Mobile Ad Hoc Networks2011 IEEE International Conference on Communications (ICC)10.1109/icc.2011.5962925(1-5)Online publication date: Jun-2011
https://doi.org/10.1109/icc.2011.5962925
Liu YZhang WBai SWang C(2011)Defending Sensor Worm Attack Using Software Diversity Approach2011 IEEE International Conference on Communications (ICC)10.1109/icc.2011.5962857(1-5)Online publication date: Jun-2011
https://doi.org/10.1109/icc.2011.5962857
Liu ZWang JZhang X(2011)A False Data Filtering Scheme Using Cluster-Based Organization in Sensor Networks2011 IEEE International Conference on Communications (ICC)10.1109/icc.2011.5962645(1-5)Online publication date: Jun-2011
https://doi.org/10.1109/icc.2011.5962645
Jackson JCreese SLeeson M(2011)Biodiversity: A security approach for ad hoc networks2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS)10.1109/CICYBS.2011.5949388(186-193)Online publication date: Apr-2011
https://doi.org/10.1109/CICYBS.2011.5949388
Yang YZhu SCao GJia XShroff NWan P(2008)Improving sensor network immunity under worm attacksProceedings of the 9th ACM international symposium on Mobile ad hoc networking and computing10.1145/1374618.1374640(149-158)Online publication date: 26-May-2008
https://dl.acm.org/doi/10.1145/1374618.1374640

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten