On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities

On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities

Many systems have been introduced to detect software intrusions by comparing the outputs and behavior of diverse replicas when they are processing the same, potentially malicious, input. When these replicas are constructed using off-the-shelf software products, it is assumed that they are diverse an...

Full description

Saved in:

Bibliographic Details
Main Authors:	HAN, Jin, GAO, Debin, DENG, Robert H.
Format:	text
Language:	English
Published:	Institutional Knowledge at Singapore Management University 2009
Subjects:	Information Security
Online Access:	https://ink.library.smu.edu.sg/sis_research/327 https://ink.library.smu.edu.sg/context/sis_research/article/1326/viewcontent/Han2009_Chapter_OnTheEffectivenessOfSoftware_pv.pdf
Tags:	Add Tag No Tags, Be the first to tag this record!
Institution:	Singapore Management University
Language:	English

Similar Items

Towards understanding Android system vulnerabilities: Techniques and insights
by: WU, Daoyuan, et al.
Published: (2019)

Novel Techniques of Using Diversity in Software Security and Information Hiding
by: HAN, Jin
Published: (2012)

Automatically Adapting a Trained Anomaly Detector to Software Patches
by: LI, Peng, et al.
Published: (2009)

Finding real world software vulnerabilities using ChatGPT
by: Wong, Sean Chun Foh
Published: (2024)

Comparing Mobile Privacy Protection through Cross-Platform Applications
by: HAN, Jin, et al.
Published: (2013)

New Selection Diversity Reception Scheme Effective for Both Frequency-Flat and Selective Fading Channels
by: ZHOU, Huafei, et al.
Published: (1992)

Performance of combined diversity reception and convolutional coding for QDPSK land mobile radio
by: ZHOU, Huafei, et al.
Published: (1994)

Android or iOS for Better Privacy Protection?
by: Han, Jin, et al.
Published: (2014)

Launching generic attacks on iOS with approved third-party applications
by: HAN, Jin, et al.
Published: (2013)

On Detection of Erratic Arguments
by: HAN, Jin, et al.
Published: (2011)

DynOpVm: VM-based software obfuscation with dynamic opcode mapping
by: CHENG, Xiaoyang, et al.
Published: (2019)

Vulnerability Analysis of RFID Protocols for Tag Ownership Transfer
by: PERIS-LOPEZ, Pedro, et al.
Published: (2008)

Security assessment through vulnerability scan and risk scoring
by: Reginio, Danica Mae P.
Published: (2023)

Fighting Coercion Attacks in Key Generation using Skin Conductance
by: GUPTA, Payas, et al.
Published: (2010)

When function signature recovery meets compiler optimization
by: LIN, Yan, et al.
Published: (2021)

EndWatch: A practical method for detecting non-termination in real-world software
by: ZHANG, Yao, et al.
Published: (2023)

Raising the Game: Applying Theory and Analytics to Real-world Threats
by: Singapore Management University
Published: (2013)

A Multi-User Steganographic File System on Untrusted Shared Storage
by: HAN, Jin, et al.
Published: (2010)

Vulnerability analysis of EMAP: An efficient RFID mutual authentication protocol
by: LI, Tieyan, et al.
Published: (2007)

Understanding open ports in Android applications: Discovery, diagnosis, and security assessment
by: WU, Daoyuan, et al.
Published: (2019)

Defending against heap overflow by using randomization in nested virtual clusters
by: TEY, Chee Meng, et al.
Published: (2013)

A Real-Time Tele-Ophalmology System Based on Secure Video-Conferencing and White-Board
by: YU, Shengsheng, et al.
Published: (2008)

I Can Be You: Questioning the Use of Keystroke Dynamics as Biometrics
by: TEY, Chee Meng, et al.
Published: (2013)

On Gray-Box Program Tracking for Anomaly Detection
by: GAO, Debin, et al.
Published: (2004)

Gray-Box Extraction of Execution Graphs for Anomaly Detection
by: GAO, Debin, et al.
Published: (2004)

Behavioral Distance for Intrusion Detection
by: GAO, Debin, et al.
Published: (2005)

Binhunt: Automatically Finding Semantic Differences in Binary Programs
by: GAO, Debin, et al.
Published: (2008)

Mitigating Access-Driven Timing Channels in Clouds using StopWatch
by: LI, Peng, et al.
Published: (2013)

On-demand time blurring to support side-channel defense
by: LIU, Weijie, et al.
Published: (2017)

Security slicing for auditing XML, XPath, and SQL injection vulnerabilities
by: THOME, Julian, et al.
Published: (2015)

Understanding Android VoIP security: A system-level vulnerability assessment
by: HE, En, et al.
Published: (2020)

Effects of Station Buffer Capacity on Performance of Token-Ring Networks
by: DENG, Robert H., et al.
Published: (1993)

Enhancing code vulnerability detection via vulnerability-preserving data augmentation
by: LIU, Shangqing, et al.
Published: (2024)

An LLM-assisted easy-to-trigger poisoning attack on code completion models: Injecting disguised vulnerabilities against strong detection
by: YAN, Shenao, et al.
Published: (2024)

Vulnerability Analysis of RFID Protocols for Tag Ownership Transfer
by: PERIS-LOPEZ, Pedro, et al.
Published: (2010)

VuRLE: Automatic vulnerability detection and repair by learning from examples
by: MA SIQI,, et al.
Published: (2017)

Finding the same source programs based on the structural fingerprint distance of call graph
by: YIN, Zhiyi, et al.
Published: (2009)

Keystroke Timing Analysis of on-the-fly Web Apps
by: TEY, Chee Meng, et al.
Published: (2013)

Database Watermarking: A Systematic View
by: LI, Yingjiu
Published: (2008)

Security slicing for auditing common injection vulnerabilities
by: THOME, Julian, et al.
Published: (2017)