ABSTRACT
Diversity maintains security by making the computing environment less standard and less predictable. Recent studies show that many randomization techniques, e.g. address space layout randomization (ASLR) significantly enhance system security simply through reducing the number of return to libc exploits [14]. However, "diversity" may incur significant overhead on the computing platforms. We study the problem of implementing diversity to trade off security performance with diversity implementation costs. We address this problem by formulating it as a partially observable Markov decision process (POMDP). An optimal solution considering a fixed amount of history can be obtained by transforming the POMDP optimization problem into a nonlinear programming (NLP) problem. Simulation results for a set of benchmark problems illustrate the effectiveness of the proposed method.
Supplemental Material
Available for Download
Supplemental file.
- C. Amato, D. S. Bernstein, and S. Zilberstein. Optimizing fixed-size stochastic controllers for pomdps and decentralized pomdps. Auton Agent Multi-Agent Syst, 21:293âĂŞ320, 2010. Google ScholarDigital Library
- A. R. Cassandra. Tony's pomdp file repository page. http://www.cassandra.org/pomdp/examples/index.shtml, (Last Accessed: 09/2012).Google Scholar
- E. Florio. From bootroot to trojan. mebroot: A rootkit in your mbr. http:www.symatec.com/connect/blogs/bootroot-trojanmerbroot-rootkit-your-mbr, (Last Accessed: 05/2012).Google Scholar
- S. Forrest, A. Somaya, and D. H. Ackley. Building diverse computer systems. 6th Workshop on Hot Topics in Operating Systems, pages 67--73, May 2006. Google ScholarDigital Library
- C. Giuffrida and A. Kuijsten. Enhanced operating system security through efficient and fine-grained address space randomization. In Proceedings of the USENIX Security'12, August 2012. Google ScholarDigital Library
- Y. Huang, D. Evans, J. Katz, and L. Malka. Faster two-party computation using garbled circuits. In Usenix Security 2011, 2011. Google ScholarDigital Library
- J. Pineau, J. Gordon, and S. Thrun. Point-based value iteration: An anytime algorithm for pomdps. In Proceedings of the eighteenth international joint conference on artificial intelligence, pages 1025--1032, Acapulco, Mexico, 2003. Google ScholarDigital Library
- B. Pinkas, T. Schneider, N. P. Smart, and S. C. Williams. Secure two-party computation is practical. In Advances in Cryptology âĂŞ AsiaCrypt 2009, volume 5912/2009, pages 250--267. LNCS, 2009. Google ScholarDigital Library
- P. Poupart. Exploiting structure to efficiently solve large scale partially observable markov decision processes. Ph. D. Dissertation, 2005. Google ScholarDigital Library
- B. RAtchev, G. B. M. Hutton, and B. van Antwerpen. Verifying the correctness of fpga logic synthesis algorithms. In Proceedings of the 2003 ACM/SIGADA, pages 84--89. 11th International Symposium on Field Programmable Gate Arrays, 2003. Google ScholarDigital Library
- T. Smith and R. Simmons. Heuristic search value iteration for pomdps. In Proceedings of the twentieth conference on uncertainty in artificial intelligence, pages 520--527, Banff, Canada, 2004. Google ScholarDigital Library
- T. Smith and R. Simmons. Point-based pomdp algorithms: Improved analysis and implementation. In Proceedings of the twenty-first conference on uncertainty in artificial intelligence., Edinburgh, Scotland., 2005.Google Scholar
- M. Spaan and N. Vlassis. Perseus: randomized point-based value iteration for pomdps. Journal of Artificial Intelligence Research, 24:195âĂŞ220, 2005. Google ScholarCross Ref
- P. Szor. The Art of Computer Virus Research and Defense. Addison-Wesley Professional, Upper Saddle River, NJ, 2005. Google ScholarDigital Library
- Z. Wang, X. Jiang, W. Cui, and X. Wang. Countering persistent kernel rootkits through systematic hook discovery. In Recent Advances in Intrusion Detection, pages 21--38. LNCS, Septermber 2008. Google ScholarDigital Library
- H. Yu. Approximate solution methods for partially observable markov and semi-markov decision processes. Ph. D. Dissertation, 2004. Google ScholarDigital Library
Index Terms
- Applying POMDP to moving target optimization
Recommendations
Potential-based reward shaping for finite horizon online POMDP planning
In this paper, we address the problem of suboptimal behavior during online partially observable Markov decision process (POMDP) planning caused by time constraints on planning. Taking inspiration from the related field of reinforcement learning (RL), ...
A POMDP Formulation of Multistep Failure Model with Software Rejuvenation
WOSAR '11: Proceedings of the 2011 IEEE Third International Workshop on Software Aging and RejuvenationThis paper derives a POMDP (partially observable Markov decision process) formulation for a software rejuvenation model. The POMDP is a generalized framework of MDP that handles the unobserved information. The POMDP gives qualitative insights for the ...
Point-based online value iteration algorithm in large POMDP
Partially observable Markov decision process (POMDP) is an ideal framework for sequential decision-making under uncertainty in stochastic domains. However, it is notoriously computationally intractable to solving POMDP in real-time system. In order to ...
Comments