A software assignment algorithm for minimizing worm damage in networked systems
作者: Chu Huang , Sencun Zhu , Quanlong Guan , Yongzhong He
DOI: 10.1016/J.JISA.2017.05.004
关键词:
摘要: Abstract Homogeneous networked systems are at high risk of being compromised by malicious attacks that exploit a single weakness common to all. Following the survivability through heterogeneity philosophy, we present novel approach improving via software diversity. In this work, propose an algorithm for assigning number packages over network in intelligent way such machines running identical isolated into small “islands”, hence restricting worm-like from propagation. While developing algorithm, take consideration not only practical constraints, including host functionality and availability, but also weight, severity impact range vulnerability, well balancing effectively minimizing potential damage attack. We introduce possible enhancements taking advantage topological features network. Finally, comparative analysis our using simulation various structures. The results confirm effectiveness scalability show its capability creating moving attack surface. level can actually create depends on ratio installed total available software.
elsevier.com
sci-hub.st 参考文章(55)
Constantine Sapuntzakis, Nickolai Zeldovich, Mendel Rosenblum, Monica S. Lam, David Brumley, Jim Chow, Ramesh Chandra, Virtual Appliances for Deploying and Maintaining Software usenix large installation systems administration conference. pp. 181- 194 ,(2003)
Farnam Jahanian, Jon Oberheide, Evan Cooke, CloudAV: N-version antivirus in the network cloud usenix security symposium. pp. 91- 106 ,(2008)
Su Zhang, Doina Caragea, Xinming Ou, An Empirical Study on Using the National Vulnerability Database to Predict Software Vulnerabilities Lecture Notes in Computer Science. pp. 217- 231 ,(2011) , 10.1007/978-3-642-23088-2_15
Todd Jackson, Babak Salamat, Andrei Homescu, Karthikeyan Manivannan, Gregor Wagner, Andreas Gal, Stefan Brunthaler, Christian Wimmer, Michael Franz, Compiler-Generated Software Diversity Moving Target Defense. pp. 77- 98 ,(2011) , 10.1007/978-1-4614-0977-9_4
Bjarne Toft, Tommy R Jensen, Graph Coloring Problems ,(1994)
Liang Xie, Hui Song, Suncun Zhu, On the effectiveness of internal patching against file-sharing worms applied cryptography and network security. pp. 1- 20 ,(2008) , 10.1007/978-3-540-68914-0_1
Yolanta Beres, Marco Casassa Mont, Adrian Baldwin, Simon Shiu, Martin Sadler, Keith Harrison, Towards Diversity of COTS Software Applications: Reducing Risks of Widespread Faults and Attacks ,(2002)
Georgios Portokalidis, Angelos D. Keromytis, Global ISR: Toward a Comprehensive Defense Against Unauthorized Code Execution Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats. pp. 49- 76 ,(2011) , 10.1007/978-1-4614-0977-9_3
Zs. Tuza, M. Hujter, PRECOLORING EXTENSION. II. GRAPHS CLASSES RELATED TO BIPARTITE GRAPHS Acta Mathematica Universitatis Comenianae. New Series. ,vol. 62, pp. 1- 11 ,(1993)
Jin Han, Debin Gao, Robert H Deng, None, On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities Detection of Intrusions and Malware, and Vulnerability Assessment. ,vol. 5587, pp. 127- 146 ,(2009) , 10.1007/978-3-642-02918-9_8