On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities
Many systems have been introduced to detect software intrusions by comparing the outputs and behavior of diverse replicas when they are processing the same, potentially malicious, input. When these replicas are constructed using off-the-shelf software products, it is assumed that they are diverse an...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2009
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/327 https://ink.library.smu.edu.sg/context/sis_research/article/1326/viewcontent/Han2009_Chapter_OnTheEffectivenessOfSoftware_pv.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-1326 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-13262022-02-18T01:47:35Z On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities HAN, Jin GAO, Debin DENG, Robert H. Many systems have been introduced to detect software intrusions by comparing the outputs and behavior of diverse replicas when they are processing the same, potentially malicious, input. When these replicas are constructed using off-the-shelf software products, it is assumed that they are diverse and not compromised simultaneously under the same attack. In this paper, we analyze vulnerabilities published in 2007 to evaluate the extent to which this assumption is valid. We focus on vulnerabilities in application software, and show that the majority of these software products --- including those providing the same service (and therefore multiple software substitutes can be used in a replicated system to detect intrusions) and those that run on multiple operating systems (and therefore the same software can be used in a replicated system with different operating systems to detect intrusions) --- either do not have the same vulnerability or cannot be compromised with the same exploit. We also find evidence that indicates the use of diversity in increasing attack tolerance for other software. These results show that systems utilizing off-the-shelf software products to introduce diversity are effective in detecting intrusions. 2009-07-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/327 info:doi/10.1007/978-3-642-02918-9_8 https://ink.library.smu.edu.sg/context/sis_research/article/1326/viewcontent/Han2009_Chapter_OnTheEffectivenessOfSoftware_pv.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Information Security |
| spellingShingle |
Information Security HAN, Jin GAO, Debin DENG, Robert H. On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities |
| description |
Many systems have been introduced to detect software intrusions by comparing the outputs and behavior of diverse replicas when they are processing the same, potentially malicious, input. When these replicas are constructed using off-the-shelf software products, it is assumed that they are diverse and not compromised simultaneously under the same attack. In this paper, we analyze vulnerabilities published in 2007 to evaluate the extent to which this assumption is valid. We focus on vulnerabilities in application software, and show that the majority of these software products --- including those providing the same service (and therefore multiple software substitutes can be used in a replicated system to detect intrusions) and those that run on multiple operating systems (and therefore the same software can be used in a replicated system with different operating systems to detect intrusions) --- either do not have the same vulnerability or cannot be compromised with the same exploit. We also find evidence that indicates the use of diversity in increasing attack tolerance for other software. These results show that systems utilizing off-the-shelf software products to introduce diversity are effective in detecting intrusions. |
| format |
text |
| author |
HAN, Jin GAO, Debin DENG, Robert H. |
| author_facet |
HAN, Jin GAO, Debin DENG, Robert H. |
| author_sort |
HAN, Jin |
| title |
On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities |
| title_short |
On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities |
| title_full |
On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities |
| title_fullStr |
On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities |
| title_full_unstemmed |
On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities |
| title_sort |
on the effectiveness of software diversity: a systematic study on real-world vulnerabilities |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2009 |
| url |
https://ink.library.smu.edu.sg/sis_research/327 https://ink.library.smu.edu.sg/context/sis_research/article/1326/viewcontent/Han2009_Chapter_OnTheEffectivenessOfSoftware_pv.pdf |
| _version_ |
1770570387236585472 |