Skip to main content
Fachgebiete
Automobil + Motoren Bauwesen + Immobilien Business IT + Informatik Elektrotechnik + Elektronik Energie + Nachhaltigkeit Finance + Banking Management + Führung Marketing + Vertrieb Maschinenbau + Werkstoffe Versicherung + Risiko
DE
EN
Bücher
Zeitschriften
Themenseiten
Organisationspsychologie Projektmanagement Marketing Smart Manufacturing
Weitere Formate
Podcasts Webinare Technik Webinare Wirtschaft Kongresse Veranstaltungskalender Awards
Jetzt Einzelzugang starten
Zugang für Unternehmen
Referenzkunden
SLX-Digitalkonferenz: Zukunftswerkstatt 2024

Mehr Umsatz mit Top-Kontakten

Am 7. Mai erfahren Sie, wie Vertriebsteams Leadgenerierung, Leadnurturing und Leadstrategien effizient steuern können.
Erweiterte Suche
Anmelden
nach oben
Mobile Networks and Applications
Erschienen in: Mobile Networks and Applications 2/2013

01.04.2013

ChameleonSoft: Software Behavior Encryption for Moving Target Defense

verfasst von: Mohamed Azab, Mohamed Eltoweissy

Erschienen in: Mobile Networks and Applications | Ausgabe 2/2013

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Ubiquitous cyber systems and their supporting infrastructure impact productivity and quality of life immensely. Their penetration in our daily life increases the need for their enhanced resilience and for means to secure and protect them. One major threat is the contemporary software monoculture. Recent research illustrated the vulnerability of the software monoculture and proposed diversity to reduce the attack surface. In this paper, we propose a biologically-inspired defense system, ChameleonSoft, that employs multidimensional software diversity to, in effect, induce spatiotemporal “software behavior encryption” for moving target defense. The key principles of ChameleonSoft are decoupling functional roles from runtime role players; devising intrinsically-resilient composable online-programmable building blocks; separating logic, state and physical resources; and employing functionally-equivalent, behaviorally-different code variants. ChameleonSoft is also equipped with an autonomic failure recovery mechanism for enhanced resilience. Nodes employing ChameleonSoft autonomously and cooperatively change their recovery and encryption policies both proactively and reactively according to the continual changes in context and environment. Using analysis and simulation, our results show that chameleonsoft can encrypt the execution behavior by confusion and diffusion induction at a reasonable overhead.
Vorheriger Artikel Combining Mobile XMPP Entities and Cloud Services for Collaborative Post-Disaster Management in Hybrid Network Environments

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Jetzt informieren
Weitere Produktempfehlungen anzeigen
Literatur
1.
Cohen F (1985) Computer viruses. PhD thesis, University of Southern California
2.
Spafford EH (1994) Computer viruses as artificial life. J Artif Life 1(3):249–265CrossRef
3.
Avizienis A, Chen L (1977) On the implementation of n-version programming for software fault tolerance during execution. IEEE COMPSAC 77:149–155
4.
5.
Eckhardt DE, Caglayan AK, Knight JC, Lee LD, McAllister DF, Vouk MA, Kelly JJP (1991) An experimental evaluation of software redundancy as a strategy for improving reliability. IEEE Trans Software Eng 17(7):692–702CrossRef
6.
Randell B (1975) System structure for software fault tolerance. IEEE Trans Software Eng 1:220–232CrossRef
7.
Knight JC, Leveson NG (1986) An experimental evaluation of the assumption of independence in multiversion programming. IEEE Trans Software Eng 12(1):96–109CrossRef
8.
Hatton L (1997) N-version design versus one good version. IEEE Software 14(6):71–76CrossRef
9.
Cohen F (1993) Operating system protection through program evolution. Comput Secur 12(6):565–584CrossRef
10.
Pu C, Black A, Cowan C, Walpole J (1996) A specialization toolkit to increase the diversity of operating systems. ICMAS Workshop on Immunity-Based Systems, Nara
11.
Just JE, Cornwell M (2004) Review and analysis of synthetic diversity for breaking monocultures. ACM Workshop on Rapid Malcode (WORM ’04): 23–32
12.
Holland DA, Lim AT, Seltzer MI (2005) An architecture a day keeps the hacker away. SIGARCH Comput Architect News 33(1):34–41CrossRef
13.
Chew M, Song D (2002) Mitigating buffer overflows by operating system randomization. Technical Report CMU-CS-02-197, Department of Computer Science, Carnegie Mellon University
14.
Xu J, Kalbarczyk Z, Iyer RK (2003) Transparent runtime randomization for security. 22nd International Symposium on Reliable Distributed Systems (SRDS’03): 260–269
15.
LKnight JC, Davidson JW, Evans D, Nguyen-Tuong A, Wang C (2007) Genesis: A Framework for Achieving Software Component Diversity. Technical Report AFRL-IF-RS-TR-2007-9, University of Virginia
16.
Forrest S, Somayaji A, Ackley D (1997) Building diverse computer systems. 6th Workshop on Hot Topics in Operating Systems (HotOS-VI), pp 67–72
17.
Salamat B, Jackson T, Gal A, Franz M (2009) Intrusion detection using parallel execution and monitoring of program variants in user-space. Eurosys 2009
18.
Salamat B, Gal A, Franz M (2008) Reverse stack execution in a multi-variant execution environment. Workshop on Compiler and Architectural Techniques for Application Reliability and Security (CATARS’08)
19.
Salamat B, Gal A, Jackson T, Manivannan K, Wagner G, Franz M (2008) Multi-variant program execution: Using multi-core systems to defuse buffer-overflow vulnerabilities. International Workshop on Multi-Core Computing Systems (MuCoCoS 2008)
20.
Jackson T, Salamat B, Wagner G, Wimmer Ch, Franz M (2010) On the effectiveness of multi-variant program execution for vulnerability detection and prevention. International Workshop on Security Measurements and Metrics (MetriSec 2010)
21.
Franz M (2010) E unibus pluram: massive-scale software diversity as a defense mechanism. New Security Paradigms Workshop 2010 (NSPW 2010)
22.
Jackson T, Wimmer Ch, Franz M (2010) Multi-variant program execution for vulnerability detection and analysis. Sixth Annual Cyber Security and Information Intelligence Research Workshop (CSIIRW’10)
23.
Salamat B, Jackson T, Wagner G, Wimmer Ch, Franz M (2011) Run-time defense against code injection attacks using replicated execution. IEEE Transactions on Dependable and Secure Computing. IEEE Computer Society, doi:10.​1109/​TDSC.​2011.​18
24.
Pfleeger CP, Pfleeger SL (2003) Security in computing. Prentice Hall, Third Edition. p 62,ISBN:0-13-035548-8.
25.
Barrantes E, Ackley D, Palmer T, Stefanovic D, Zovi D (2003) Randomized instruction set emulation to disrupt binary code injection attacks. In Proceedings of the ACM Conference on Computer and Communications Security. ACM Press, pp 281–289
26.
Kc G, Keromytis A, Prevelakis V (2003) Countering code-injection attacks with instruction-set randomization. In Proceedings of the ACM Conference on Computer and Communications Security, pages 272–280. ACM Press
27.
28.
Cox B, Evans D, Filipi A, Rowanhill J, Hu W, Davidson J, Knight J, Nguyen-Tuong A, Hiser J (2006) N-variant systems: a secretless framework for security through diversity. In Proceedings of the 15th USENIX Security Symposium
29.
Cowan C, Pu C, Maier D, Walpole J, Bakke P, Beattie S, Grier A, Wagle P, Zhang Q, Hinton H (1998) StackGuard: automatic adaptive detection and prevention of buffer-overflow attacks. In Proceedings of the 7th USENIX Security Symposium
30.
Avizienis A, Chen L (1977) On the implementation of N-version programming for software fault-tolerance during program execution. International Computer Software and Applications Conference
31.
Chen L, Avizienis A (1978) N-version programming: a fault tolerance approach to reliability of software operation. 8th International Symposium on Fault-Tolerant Computing
32.
Joseph M (1988) Architectural issues in fault- tolerant, secure computing systems. Ph.D. Dissertation. UCLA Department of Computer Science
33.
Linger R, Daly T, Pleszkoch M (2011) Function extraction (FX) research for computation of software behavior: 2010 development and application of semantic reduction theorems for behavior analysis. Research Report for the Air Force Office of Scientific Research Mathematics and Information Science Directorate, 2011
34.
Bartholomew R, Burns L, Daly T, Linger R, Prowell S (2007) Function extraction: automated behavior computation for aerospace software verification and certification. Proceedings of 2007 AIAA Aerospace Conference, Monterey, CA, 3: 2145–2153.
35.
36.
Nguyen-Tuong A, Wang A, Hiser J, Knight J, Davidson J (2010) On the effectiveness of the metamorphic shield. The Fourth European Conference on Software Architecture: Companion Volume, ECSA ’10, pages 170–174, New York, NY, USA, ACM
37.
Buchanan E, Roemer R, Shacham H, Savage S (2008) When good instructions go bad: generalizing return-oriented programming to RISC. 15th ACM Conference on Computer and Communications Security (CCS)
38.
Peslyak A (1997) Return-to-libc Attack. Bugtraq mailing list
39.
Hardy N (1998) The confused deputy (or why capabilities might have been invented). ACM SIGOPS Operating Systems Review 22(4)
40.
Jorstad N, Landgrave TS (1997) Cryptographic algorithm metrics. 20th National Information Systems Security Conference, Baltimore
41.
Azab M, Hassan R, Eltoweissy M (2011) ChameleonSoft: a moving target defense system. 7th International Conference on Collaborative Computing: Networking, Applications and Worksharing, (CollaborateCom'11)
Metadaten
Titel
ChameleonSoft: Software Behavior Encryption for Moving Target Defense
verfasst von
Mohamed Azab
Mohamed Eltoweissy
Publikationsdatum
01.04.2013
Verlag
Springer US
Erschienen in
Mobile Networks and Applications / Ausgabe 2/2013
Print ISSN: 1383-469X
Elektronische ISSN: 1572-8153
DOI
https://doi.org/10.1007/s11036-012-0392-0

Weitere Artikel der Ausgabe 2/2013

Mobile Networks and Applications 2/2013 Zur Ausgabe

OriginalPaper

Medium Access Control for QoS Provisioning in Vehicle-to-Infrastructure Communication Networks

OriginalPaper

An Improved Fuzzy Unequal Clustering Algorithm for Wireless Sensor Network

OriginalPaper

Phase Coded Waveform Design for Sonar Sensor Network

OriginalPaper

Performance Modeling for Relay Cooperation in Delay Tolerant Networks

OriginalPaper

FPGA Implementation and Energy Cost Analysis of Two Light-Weight Involutional Block Ciphers Targeted to Wireless Sensor Networks

OriginalPaper

Data Replication in Cooperative Mobile Ad-Hoc Networks

Neuer Inhalt

    Bildnachweise