Advertisement

Diversity

  • John C. Knight
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6875)

Abstract

Diversity works well in nature where it is the basis of natural selection, a phenomenon that helps biological populations survive as they are challenged by hazards in their environments. Diversity has been employed widely in engineering also and has become an important part of computer engineering. In this paper, the various forms of diversity in computer engineering are summarized.

Keywords

Design diversity data diversity artificial diversity fault tolerance 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Ammann, P., Knight, J.: Data Diversity: An Approach To Software Fault Tolerance. IEEE Transactions on Computers 37(4) (1988)Google Scholar
  2. 2.
    Barrantes, E., Ackley, D., Forrest, S., Stefanovic, D.: Randomized Instruction Set Emulation. ACM Trans. Information and System Security 8(1), 3–40 (2005)CrossRefGoogle Scholar
  3. 3.
    Bhatkar, S., Sekar, R., DuVarney, D.: Efficient Techniques for Comprehensive Protection from Memory Error Exploits. In: 14th USENIX Security Symposium, Baltimore, MD (2005) Google Scholar
  4. 4.
    Bhatkar, S., Sekar, R.: Data Space Randomization, Detection of Intrusions and Malware, and Vulnerability Assessment. In: Zamboni, D. (ed.) DIMVA 2008. LNCS, vol. 5137, pp. 1–22. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  5. 5.
    Biswas, S., Franklin, D., Savage, A., Dixon, R., Sherwood, T., Chong, F.: Multi-Execution: Multicore Caching for Data-Similar Executions. In: 36th Annual Intl. Symposium on Computer Architecture (ISCA), Austin, TX (2009) Google Scholar
  6. 6.
    Boyd, S., Kc, G., Locasto, M., Keromytis, A., Prevelakis, V.: On the General Applicability of Instruction-Set Randomization. IEEE Transactions on Dependable and Secure Computing 7(3), 255–270 (2010)CrossRefGoogle Scholar
  7. 7.
    Bruschi, D., Cavallaro, L., Lanzi, A.: Diversified Process Replicae for Defeating Memory Error Exploits. In: 3rd IEEE Intl. Workshop on Information Assurance, New Orleans, LA (2007) Google Scholar
  8. 8.
    Chen, L., Avizienis, A: N-version Programming: A Fault-tolerance Approach To Reliability Of Software Operation. In: Eighth International Symposium on Fault Tolerant Computing, Toulouse, France (1978) Google Scholar
  9. 9.
    Cox, B., Evans, D., Filipi, A., Rowanhill, J., Hu, W., Davidson, J., Knight, J., Nguyen-Tuong, A., Hiser, J.: N-Variant Systems A Secretless Framework for Security through Diversity. In: 15th USENIX Security Symposium Vancouver, BC (2006) Google Scholar
  10. 10.
    Eckhardt, D., Lee, L.: A Theoretical Basis For The Analysis of Multiversion Software Subject to Coincident Errors. IEEE Transactions on Software Engineering SE-11(12) (1985)Google Scholar
  11. 11.
    Forrest S., Somayaji, A., Ackley, D.: Building Diverse Computer Systems. In: Workshop on Hot Topics in Operating Systems, pp. 67–72 (1997) Google Scholar
  12. 12.
    Hu, W., Hiser, J., Williams, D., Filipi, A., Davidson, J., Evans, D., Knight, J., Nguyen-Tuong, A., Rowanhill, J.: Secure and Practical Defense Against Code-Injection Attacks Using Software Dynamic Translation. In: ACM International Conference on Virtual Execution Environments, Ottawa, Ontario, Canada (2006) Google Scholar
  13. 13.
    Knight, J., Ammann, P.: Issues Influencing The Use of N-Version Programming. In: IFIP 1989: Eleventh World Computer Congress, San Francisco, CA, pp. 217–222 (1989)Google Scholar
  14. 14.
    Knight, J., Leveson, N.: An Experimental Evaluation of The Assumption of Independence in Multiversion Programming. IEEE Transactions on Software Engineering 12(1) (1986)Google Scholar
  15. 15.
    Maskelyne, N.: The Papers of Nevil Maskelyne, Royal Greenwich Observatory ArchivesGoogle Scholar
  16. 16.
    Nguyen-Tuong, A., Evans, D., Knight, J., Cox, B., Davidson, J.: Security Through Redundant Data Diversity. In: 38th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, DSN 2008, Anchorage, AK (2008)Google Scholar
  17. 17.
    Nguyen-Tuong, A., Wang, A., Hiser, J., Knight, J., Davidson, J.: On the Effectiveness of the Metamorphic Shield: The effects of continuously changing the attack surface. In: 1st International Workshop on Measurability of Security in Software Architectures, Copenhagen, Denmark (2010)Google Scholar
  18. 18.
    Randell, B.: System Structure For Software Fault Tolerance. IEEE Transactions on Software Engineering SE-1(2), 220–232 (1975)MathSciNetCrossRefGoogle Scholar
  19. 19.
    Salamat, B., Jackson, T., Gal, A., Franz, M.: Orchestra: Intrusion Detection Using Parallel Execution and Monitoring of Program Variants in User Space. In: 4th ACM European conference on Computer systems (EuroSys 2009), pp. 33–46. ACM, New York (2009)Google Scholar
  20. 20.
    Shacham, H., Page, M., Pfaff, B., Goh, E., Modadugu, N., Boneh, D.: On the Effectiveness of Address-Space Randomization. In: 11th ACM Conference on Computer and Communications Security, Washington DC, pp. 298–307 (2004) Google Scholar
  21. 21.
    U.S. Department of Energy, Advisory Notice, L-117: The Code Red Worm, http://www.ciac.org/ciac/bulletins/l-117.shtml
  22. 22.
    Van Grundy, M., Chen, H.: Noncespaces: Using Randomization to Enforce Information Flow Tracking and Thwart Cross-Site Scripting Attacks. In: 16th Annual Network and Distributed System Security Symposium (NDSS), San Diego, CA (2009) Google Scholar
  23. 23.
    Weatherwax, E., Knight, J., Nguyen-Tuong, A.: A Model of Secretless Security in N-Variant Systems. In: Second Workshop on Compiler and Architectural Techniques for Application Reliability and Security (CATARS - 2) in Conjunction with the 39th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, Estoril, Portugal (2009) Google Scholar
  24. 24.
    Wikipedia: Address space layout randomization, http://en.wikipedia.org/wiki/Address_space_layout_randomization
  25. 25.
    Williams, D., Hu, W., Davidson, J., Hiser, J., Knight, J., Nguyen-Tuong, A.: Security Through Diversity: Leveraging Virtual Machine Technology. IEEE Security and Privacy 7(1), 26–33 (2009)CrossRefGoogle Scholar
  26. 26.
    Yeh, Y.: Safety Critical Avionics For The 777 Primary Flight Controls System: In: 20th Digital Avionics Systems Conference, Daytona Beach, FL (2001)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • John C. Knight
    • 1
  1. 1.Department of Computer ScienceUniversity of VirginiaCharlottesvilleU.S.A.

Personalised recommendations