Security through redundant data diversity

Proceedings of the International Conference on Dependable Systems and Networks

Volumn , Issue , 2008, Pages 187-196

  Nguyen Tuong, Anh ^a   Evans, David ^a   Knight, John C ^a   Cox, Benjamin ^a   Davidson, Jack W ^a  

^a University of Virginia

Author keywords

[No Author keywords available]

Indexed keywords

CASE STUDIES; DATA CORRUPTION; DATA VALUES; DEPENDABLE SYSTEMS; HIGH-ASSURANCE; INTERNATIONAL CONFERENCES; MULTIPLE VARIANTS; REDUNDANT DATA;

SENSOR NETWORKS;

NETWORK PROTOCOLS;

EID: 53349142151     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/DSN.2008.4630087     Document Type: Conference Paper

References (43)

1. P. E. Amman and J. C. Knight. Data Diversity: an Approach to Software Fault Tolerance. IEEE Trans. On Computers, 37 (4), pp. 418-25, 1988.
2. Apache Software Foundation. Apache HTTP Server project. http://httpd.apache.org.
3. A. Appel and S. Govindavajhala. Using Memory Errors to Attack a Virtual Machine. IEEE Symp. On Security and Privacy. 2003.
4. A. Avizienis and L. Chen. On the Implementation of N-version Programming for Software Fault-Tolerance During Program Execution. International Computer Software and Applications Conference. 1977.
5. A. Baratloo, N. Singh, T. Tsai. Transparent Run-Time Defense against Stack Smashing Attacks. USENIX Technical Conference. 2000.
6. E. Barrantes, D. Ackley, S. Forrest, T. Palmer, D. Stefanovic, D. Zovi. Randomized Instruction Set Emulation to Disrupt Binary Code Injection Attacks. ACM Computer and Communications Security. 2003.
7. E. Berger and B. Zorn. DieHard: Probabilistic Memory Safety for Unsafe Languages. Programming Language Design and Implementation (PLDI). June 2006.
8. S. Bhatkar, D. DuVarney, and R. Sekar. Efficient Techniques for Comprehensive Protection from Memory Error Exploits. Usenix Security. 2005.
9. rd Intl. Workshop on Information Assurance. 2007.
10. W. Cheng, Q. Zhao, B. Yu, S. Hiroshige. TaintTrace: Efficient Flow Tracking with Dynamic Binary Rewriting. Computers and Communications. 2006.
11. L. Chen and Algirdas Avizienis. N-Version Programming: A Fault Tolerance Approach to Reliability of Software Operation. Fault Tolerant Computing Symposium. 1978.
12. S. Chen, J. Xu, E. C. Sezer, P. Gauriar, R. K. Iyer. Non-Control-Data Attacks Are Realistic Threats. USENIX Security. 2005.
13. M. Chew and D. Song. Mitigating Buffer Overflows by Operating System Randomization. Tech Report CMU-CS-02-197. December 2002.
14. C. Cowan, M. Barringer, S. Beattie, G. Kroah-Hartman. FormatGuard: Automatic Protection From printf Format String Vulnerabilities. USENIX Security. 2001.
15. C. Cowan, S. Beattie, J. Johansen, P. Wagle. Pointguard: protecting pointers from buffer overflow vulnerabilities. USENIX Security. 2003.
16. th USENIX Security. August 2006.
17. M. Croarken. Tabulating the Heavens: Computing the Nautical Alamanac in 18th-Century England. IEEE Annals of the History of Computing. 2003.
18. H. Etoh. GCC extension for protecting applications from stack-smashing attacks. IBM. 2004. http://www.trl.ibm.com/projects/security/ssp
19. th Workshop on Hot Topics in Operating Systems. 1997.
20. M. Franz. Understanding and Countering Insider Threats in Software Development. UC Irvine Technical Report ICS-TR-07-09. 2007.
21. D. Gao, M. Reiter, D. Song. Behavioral Distance for Intrusion Detection. Recent Advances Intrusion Detection. 2005.
22. D. Gao, M. K. Reiter, D. Song. Beyond Output Voting: Detecting Compromised Replicas using Behavioral Distance. Tech Report, CMU-CYLAB-06-019. 2006.
23. D. A. Grier. When Computers Were Human. Princeton University Press. 2005.
24. V. Haldar, D. Chandra, M. Franz. Dynamic Taint Propagation for Java. Annual Computer Security Applications Conference. 2005.
25. W. Hu, J. Hiser, D. Williams, A. Filipi, J. Davidson, D. Evans, J. Knight, A. Nguyen-Tuong, J. Rowanhill. Secure and Practical Defense Against Code-injection Attacks Using Software Dynamic Translation. Virtual Execution Environments. 2006.
26. M. K. Joseph. Architectural Issues in Fault-Tolerant, Secure Computing Systems. PhD Dissertation. UCLA. 1988.
27. J. Just, J. Reynolds, L. Clough, M. Danforth, K. Levitt, R. Maglich, J. Rowe. Learning Unknown Attacks - A Start. Recent Advances Intrusion Detection. 2002.
28. G. Kc, A. Keromytis, V. Prevelakis. Countering Code-injection Attacks with Instruction Set Randomization. ACM Computer and Communications Security. 2003.
29. J. C. Knight and N. Leveson. An Experimental Evaluation of the Assumption of Independence in Multi-version Programming. IEEE Transactions on Software Engineering, Vol 12, No 1. Jan 1986.
30. B. Kuperman, C. Brodley, H. Ozdoganoglu, T. Vijaykumar, A. Jalote. Detection and Prevention of Stack Buffer Overflow Attacks. Comm. of the ACM, Nov 2005.
31. D. Larochelle and D. Evans. Statically Detecting Likely Buffer Overflow Vulnerabilities. USENIX Security. 2001.
32. B. Littlewood, L. Strigini. Redundancy and Diversity in Security. European Symp. on Research in Computer Security. 2004.
33. J. Newsome and D. Song. Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits on Commodity Software. Network and Distributed System Security. 2005.
34. th IFIP Information Security Conference. 2005.
35. J. Reynolds, J. Just, E. Lawson, L. Clough, R. Maglich, K. Levitt. The Design and Implementation of an Intrusion Tolerant System. Foundations of Intrusion Tolerant Systems (OASIS). 2003.
36. M. Ringenburg and D. Grossman. Preventing Format-String Attacks via Automatic and Efficient Dynamic Checking. ACM Comp. Comm. Security. 2005.
37. H. Snacham, M. Page, B. Pfaff, E. Goh, N. Modadugu, D. Boneh. On the Effectiveness of Address-Space Randomization. ACM Computer and Communications Security. 2004.
38. A. N. Sovarel, D. Evans, N. Paul. Where's the FEEB?: The Effectiveness of Instruction Set Randomization. USENIX Security 2005.
39. E. Totel, F. Majorczyk, L. Me. COTS Diversity Intrusion Detection and Application to Web Servers. Recent Advances in Intrusion Detection. 2005.
40. N. Tuck, B. Calder, and G. Varghese. Hardware and Binary Modification Support for Code Pointer Protection from Buffer Overflow. Intl. Symposium on Microarchitecture. Dec 2004.
41. VeriTest Corporation. WebBench 5.0. http://www.veritest.com/ benchmarks/webbench
42. J. Xu, Z. Kalbarczyk, R. Iyer. Transparent Runtime Randomization for Security. Symposium on Reliable and Distributed Systems. 2003.
43. W. Xu, S. Bhatkar, and R. Sekar. Taint-enhanced policy enforcement: a practical approach to defeat a wide range of attacks. USENIX Security. 2006.