Modeling Network Diversity for Evaluating the Robustness of Networks against Zero-Day Attacks

  • Lingyu Wang
  • Mengyuan Zhang
  • Sushil Jajodia
  • Anoop Singhal
  • Massimiliano Albanese
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8713)


The interest in diversity as a security mechanism has recently been revived in various applications, such as Moving Target Defense (MTD), resisting worms in sensor networks, and improving the robustness of network routing. However, most existing efforts on formally modeling diversity have focused on a single system running diverse software replicas or variants. At a higher abstraction level, as a global property of the entire network, diversity and its impact on security have received limited attention. In this paper, we take the first step towards formally modeling network diversity as a security metric for evaluating the robustness of networks against potential zero day attacks. Specifically, we first devise a biodiversity-inspired metric based on the effective number of distinct resources. We then propose two complementary diversity metrics, based on the least and the average attacking efforts, respectively. Finally, we evaluate our algorithm and metrics through simulation.


Security Metrics Diversity Network Security Zero Day Attack Network Robustness 


  1. 1.
    Falliere, N., Murchu, L.O., Chien, E.: W32.stuxnet dossier. Symantec Security Response (2011)Google Scholar
  2. 2.
    Littlewood, B., Strigini, L.: Redundancy and diversity in security. In: Samarati, P., Ryan, P.Y.A., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 423–438. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  3. 3.
    Cox, B., Evans, D., Filipi, A., Rowanhill, J., Hu, W., Davidson, J., Knight, J., Nguyen-Tuong, A., Hiser, J.: N-variant systems: A secretless framework for security through diversity. Defense Technical Information Center (2006)Google Scholar
  4. 4.
    Gao, D., Reiter, M.K., Song, D.: Behavioral distance measurement using hidden markov models. In: Zamboni, D., Kruegel, C. (eds.) RAID 2006. LNCS, vol. 4219, pp. 19–40. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  5. 5.
    Chun, B., Maniatis, P., Shenker, S.: Diverse replication for single-machine byzantine-fault tolerance. In: USENIX Annual Technical Conference, pp. 287–292 (2008)Google Scholar
  6. 6.
    Garcia, M., Bessani, A., Gashi, I., Neves, N., Obelheiro, R.: OS diversity for intrusion tolerance: Myth or reality? In: 2011 IEEE/IFIP 41st International Conference on Dependable Systems & Networks (DSN), pp. 383–394 (2011)Google Scholar
  7. 7.
    Bhatkar, S., DuVarney, D., Sekar, R.: Address obfuscation: An efficient approach to combat a broad range of memory error exploits. In: Proceedings of the 12th USENIX Security Symposium, Washington, DC, vol. 120 (2003)Google Scholar
  8. 8.
    Team, T.P.: PaX address space layout randomization,
  9. 9.
    Kc, G., Keromytis, A., Prevelakis, V.: Countering code-injection attacks with instruction-set randomization. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 272–280. ACM (2003)Google Scholar
  10. 10.
    Bhatkar, S., Sekar, R.: Data space randomization. In: Zamboni, D. (ed.) DIMVA 2008. LNCS, vol. 5137, pp. 1–22. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  11. 11.
    Jajodia, S., Ghosh, A., Swarup, V., Wang, C., Wang, X.: Moving Target Defense: Creating Asymmetric Uncertainty for Cyber Threats, 1st edn. Springer (2011)Google Scholar
  12. 12.
    Yang, Y., Zhu, S., Cao, G.: Improving sensor network immunity under worm attacks: a software diversity approach. In: Proceedings of the 9th ACM International Symposium on Mobile ad hoc Networking and Computing, pp. 149–158. ACM (2008)Google Scholar
  13. 13.
    Caballero, J., Kampouris, T., Song, D., Wang, J.: Would diversity really increase the robustness of the routing infrastructure against software defects? In: Proceedings of the Network and Distributed System Security Symposium (2008)Google Scholar
  14. 14.
    Elton, C.: The ecology of invasion by animals and plants. University of Chicago Press, Chicago (1958)CrossRefGoogle Scholar
  15. 15.
    Pielou, E.: Ecological diversity. Wiley, New York (1975)Google Scholar
  16. 16.
    Hill, M.: Diversity and evenness: a unifying notation and its consequences. Ecology 54(2), 427–432 (1973)CrossRefGoogle Scholar
  17. 17.
    Leinster, T., Cobbold, C.: Measuring diversity: the importance of species similarity. Ecology 93(3), 477–489 (2012)CrossRefGoogle Scholar
  18. 18.
    Sheyner, O., Haines, J., Jha, S., Lippmann, R., Wing, J.: Automated generation and analysis of attack graphs. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy (2002)Google Scholar
  19. 19.
    Ammann, P., Wijesekera, D., Kaushik, S.: Scalable, graph-based network vulnerability analysis. In: Proceedings of ACM CCS 2002 (2002)Google Scholar
  20. 20.
    Albanese, M., Jajodia, S., Noel, S.: A time-efficient approach to cost-effective network hardening using attack graphs. In: Proceedings of the 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2012), pp. 1–12 (2012)Google Scholar
  21. 21.
    Garey, M., Johnson, D.: Computers and intractability: A guide to the theory of NP-Completeness. W.H. Freeman, San Francisco (1979)zbMATHGoogle Scholar
  22. 22.
    Yuan, S., Varma, S., Jue, J.: Minimum-color path problems for reliability in mesh networks. In: 24th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM), pp. 2658–2669 (2005)Google Scholar
  23. 23.
    Frigault, M., Wang, L., Singhal, A., Jajodia, S.: Measuring network security using dynamic bayesian network. In: Proceedings of 4th ACM QoP (2008)Google Scholar
  24. 24.
    Mell, P., Scarfone, K., Romanosky, S.: Common vulnerability scoring system. IEEE Security & Privacy 4(6), 85–89 (2006)CrossRefGoogle Scholar
  25. 25.
    National vulnerability database, (May 9, 2008)
  26. 26.
    Gaitanis, K., Cohen, E.: Open bayes 0.1.0 (2013),
  27. 27.
    Idika, N., Bhargava, B.: Extending attack graph-based security metrics and aggregating their application. IEEE Transactions on Dependable and Secure Computing 9, 75–85 (2012)CrossRefGoogle Scholar
  28. 28.
    Wang, L., Singhal, A., Jajodia, S.: Toward measuring network security using attack graphs. In: Proceedings of 3rd ACM QoP (2007)Google Scholar
  29. 29.
    Manadhata, P., Wing, J.: An attack surface metric. IEEE Trans. Softw. Eng. 37(3), 371–386 (2011)CrossRefGoogle Scholar
  30. 30.
    Wang, L., Jajodia, S., Singhal, A., Noel, S.: k-zero day safety: Measuring the security risk of networks against unknown attacks. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 573–587. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  31. 31.
    Wang, L., Jajodia, S., Singhal, A., Cheng, P., Noel, S.: k-zero day safety: A network security metric for measuring the risk of unknown vulnerabilities. IEEE Transactions on Dependable and Secure Computing 11(1), 30–44 (2013)CrossRefGoogle Scholar
  32. 32.
    Wang, L., Singhal, A., Jajodia, S.: Measuring the overall security of network configurations using attack graphs. In: Barker, S., Ahn, G.-J. (eds.) Data and Applications Security 2007. LNCS, vol. 4602, pp. 98–112. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  33. 33.
    Holm, H., Ekstedt, M., Andersson, D.: Empirical analysis of system-level vulnerability metrics through actual attacks. IEEE Trans. Dependable Secur. Comput. 9(6), 825–837 (2012)CrossRefGoogle Scholar
  34. 34.
    Kheir, N., Cuppens-Boulahia, N., Cuppens, F., Debar, H.: A service dependency model for cost-sensitive intrusion response. In: Gritzalis, D., Preneel, B., Theoharidou, M. (eds.) ESORICS 2010. LNCS, vol. 6345, pp. 626–642. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  35. 35.
    Avizienis, A., Chen, L.: On the implementation of n-version programming for software fault tolerance during execution. In: Proc. IEEE COMPSAC., vol. 77, pp. 149–155 (1977)Google Scholar
  36. 36.
    Mitra, S., Saxena, N., McCluskey, E.: A design diversity metric and analysis of redundant systems. IEEE Trans. Comput. 51(5), 498–510 (2002)CrossRefGoogle Scholar
  37. 37.
    Littlewood, B., Popov, P., Strigini, L.: Modeling software design diversity: A review. ACM Comput. Surv. 33(2), 177–208 (2001)CrossRefGoogle Scholar
  38. 38.
    Maxion, R.: Use of diversity as a defense mechanism. In: Proceedings of the 2005 Workshop on New Security Paradigms, NSPW 2005, pp. 21–22. ACM, New York (2005)CrossRefGoogle Scholar
  39. 39.
    Saïdane, A., Nicomette, V., Deswarte, Y.: The design of a generic intrusion-tolerant architecture for web servers. IEEE Trans. Dependable Sec. Comput. 6(1), 45–58 (2009)CrossRefGoogle Scholar
  40. 40.
    Totel, E., Majorczyk, F., Mé, L.: Cots diversity based intrusion detection and application to web servers. In: Valdes, A., Zamboni, D. (eds.) RAID 2005. LNCS, vol. 3858, pp. 43–62. Springer, Heidelberg (2006)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Lingyu Wang
    • 1
  • Mengyuan Zhang
    • 1
  • Sushil Jajodia
    • 2
  • Anoop Singhal
    • 3
  • Massimiliano Albanese
    • 2
  1. 1.Concordia Institute for Information Systems EngineeringConcordia UniversityCanada
  2. 2.Center for Secure Information SystemsGeorge Mason UniversityUSA
  3. 3.Computer Security DivisionNational Institute of Standards and TechnologyUSA

Personalised recommendations