We present an architectural framework for systematically using automated diversity to provide high assurance detection and disruption for large classes of attacks. The framework executes a set of automatically diversified variants on the same inputs, and monitors their behavior to detect divergences. The benefit of this approach is that it requires an attacker to simultaneously compromise all system variants with the same input. By constructing variants with disjoint exploitation sets, we can make it impossible to carry out large classes of important attacks. In contrast to previous approaches that use automated diversity for security, our approach does not rely on keeping any secrets. In this paper, we introduce the N-variant systems frame...
The goal of this research was to explore first principles associated with mixing of diverse implemen...
Abstract—The software monoculture favors attackers over defenders, since it makes all target environ...
International audienceThe predictability of program execution provides attackers a rich source of kn...
Multi-variant program execution is an application of n-version programming, in which several slightl...
N-Variant Execution (NVX) systems utilize artificial diversity techniques to enhance software securi...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
Software systems often share common vulnerabilities that allow a single attack to compromise large n...
Software systems often share common vulnerabilities that allow a single attack to compromise large n...
A set of replicas is diverse to the extent that all implement the same functionality but differ in ...
Context Software diversity, self-modification, and obfuscation have many applications in software se...
Abstract—The number and complexity of attacks on computer systems are increasing. This growth necess...
A set of replicas is diverse to the extent that all implement the same functionality but differ in t...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
The predictability of program execution provides attackers a rich source of knowledge who can exploi...
The goal of this research was to explore first principles associated with mixing of diverse implemen...
Abstract—The software monoculture favors attackers over defenders, since it makes all target environ...
International audienceThe predictability of program execution provides attackers a rich source of kn...
Multi-variant program execution is an application of n-version programming, in which several slightl...
N-Variant Execution (NVX) systems utilize artificial diversity techniques to enhance software securi...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
Abstract—The idea of automatic software diversity is at least two decades old. The deficiencies of c...
Software systems often share common vulnerabilities that allow a single attack to compromise large n...
Software systems often share common vulnerabilities that allow a single attack to compromise large n...
A set of replicas is diverse to the extent that all implement the same functionality but differ in ...
Context Software diversity, self-modification, and obfuscation have many applications in software se...
Abstract—The number and complexity of attacks on computer systems are increasing. This growth necess...
A set of replicas is diverse to the extent that all implement the same functionality but differ in t...
Software immunity through diversity is a promising research direction. Address Space Layout Randomi...
The predictability of program execution provides attackers a rich source of knowledge who can exploi...
The goal of this research was to explore first principles associated with mixing of diverse implemen...
Abstract—The software monoculture favors attackers over defenders, since it makes all target environ...
International audienceThe predictability of program execution provides attackers a rich source of kn...