Security through diversity: Leveraging virtual machine technology

IEEE Security and Privacy

Volumn 7, Issue 1, 2009, Pages 26-33

  Williams, Daniel ^a   Hu, Wei ^a   Davidson, Jack W ^a   Hiser, Jason D ^a   Knight, John C ^a   Nguyen Tuong, Anh ^a  

^a UNIVERSITY OF VIRGINIA   (United States)

Author keywords

Artificial diversity; IT monoculture; Security; Virtual machine

Indexed keywords

ARTIFICIAL DIVERSITY; IT MONOCULTURE; NETWORKED COMPUTING SYSTEMS; SECURITY; SOFTWARE MONOCULTURES; SOFTWARE SYSTEMS; VIRTUAL MACHINE; VIRTUAL MACHINE TECHNOLOGIES;

FOURIER TRANSFORMS;

BIOLOGICAL SYSTEMS;

EID: 60049100434     PISSN: 15407993     EISSN: None     Source Type: Journal    
DOI: 10.1109/MSP.2009.18     Document Type: Review

References (14)

1. S. Forrest, A. Somayaji, and D. Ackley, "Building Diverse Computer Systems," Proc. 6th Workshop Hot Topics in Operating Systems (HotOS-VI), IEEE CS Press, 1997, p. 67.
2. A. Avizienis and L. Chen, "On the Implementation of N-Version Programming for Software Fault Tolerance During Execution," Proc. 1st IEEE Int'l Computer Science Applications Conf., IEEE Press, 1977, pp. 149-155.
3. P.E. Ammann and J.C. Knight, "Data Diversity: An Approach to Software Fault Tolerance," IEEE Trans. Computer, vol. 37, no. 4, 1988, pp. 418-425.
4. S. Bhatkar, R. Sekar, and D.C. DuVarney, "Efficient Techniques for Comprehensive Protection from Memory Error Exploits," Proc. 14th Conf. Usenix Security Symp., Usenix Assoc., 2005.
5. A.N. Sovarel, D. Evans, and N. Paul, "Where's the Feeb? The Effectiveness of Instruction Set Randomization," Proc. 14th Conf. Usenix Security Symp., Usenix Assoc., 2005.
6. H. Shacham et al., "On the Effectiveness of Address-Space Randomization," Proc. 11th ACM Conf. Computer and Comm. Security (CCS 04), ACM Press, 2004, pp. 298-307.
7. K. Scott and J.W. Davidson, "Safe Virtual Execution using Software Dynamic Translation," Proc. 18th Ann. Computer Security Applications Conf., IEEE Press, 2002, pp. 209-218.
8. V. Kiriansky, D. Bruening, and S.P. Amarasinghe, "Secure Execution via Program Shepherding," Proc. 11th Usenix Security Symp., Usenix Assoc., 2002, pp. 191-206.
9. C. Cowan and P. Wagle, "StackGuard: Simple Stack Smash Protection for GCC," Proc. GCC Developers Summit, 2003; www.gccsummit.org/2003.
10. H. Thimbleby, "Can Viruses Ever Be Useful?" Computers and Security, vol. 10, no. 2, 1991, pp. 111-114.
11. E.G. Barrantes et al., "Randomized Instruction Set Emulation to Disrupt Binary Code Injection Attacks," Proc. 10th ACM Conf. Computer and Comm. Security (CCS 03), ACM Press, 2003, pp. 281-289.
12. G.S. Kc, A.D. Keromytis, and V. Prevelakis, "Countering Code-Injection Attacks with Instruction-Set Randomization," Proc. 10th ACM Conf. Computer and Comm. Security (CCS 03), ACM Press, 2003, pp. 272-280.
13. W. Hu et al., "Secure and Practical Defense against Code-Injection Attacks Using Software Dynamic Translation," Proc. 2nd Int'l Conf Virtual Execution Environments, ACM Press, 2006, pp. 2-12.
14. B. De Bus et al., "Link-Time Optimization of ARM Binaries," ACM SIGPLAN Notices, vol. 39, no. 7, 2004, pp. 211-220.