Modeling Network Diversity for Evaluating the Robustness of Networks against Zero-Day Attacks
نویسندگان
چکیده
The interest in diversity as a security mechanism has recently been revived in various applications, such as Moving Target Defense (MTD), resisting worms in sensor networks, and improving the robustness of network routing. However, most existing efforts on formally modeling diversity have focused on a single system running diverse software replicas or variants. At a higher abstraction level, as a global property of the entire network, diversity and its impact on security have received limited attention. In this paper, we take the first step towards formally modeling network diversity as a security metric for evaluating the robustness of networks against potential zero day attacks. Specifically, we first devise a biodiversity-inspired metric based on the effective number of distinct resources. We then propose two complementary diversity metrics, based on the least and the average attacking efforts, respectively. Finally, we evaluate our algorithm and metrics through simulation.
منابع مشابه
A Secure Routing Algorithm for Underwater Wireless Sensor Networks
Recently, underwater Wireless Sensor Networks (UWSNs) attracted the interest of many researchers and the past three decades have held the rapid progress of underwater acoustic communication. One of the major problems in UWSNs is how to transfer data from the mobile node to the base stations and choosing the optimized route for data transmission. Secure routing in UWSNs is necessary for packet d...
متن کاملRandom Key Pre-Distribution Techniques against Sybil Attacks
Sybil attacks pose a serious threat for Wireless Sensor Networks (WSN) security. They can create problems in routing, voting schemes, decision making, distributed storage and sensor re-programming. In a Sybil attack, the attacker masquerades as multiple sensor identities that are actually controlled by one or a few existing attacker nodes. Sybil identities are fabricated out of stolen keys, obt...
متن کاملSecuring AODV routing protocol against the black hole attack using Firefly algorithm
Mobile ad hoc networks are networks composed of wireless devices to create a network with the ability for self-organization. These networks are designed as a new generation of computer networks to satisfy some specific requirements and with features different from wired networks. These networks have no fixed communication infrastructure and for communication with other nodes the intermediate no...
متن کاملZDAR System: Defending Against the Unknown
Zero-day attacks are undetected through conventional signature-based defenses and hence posed a critical threat to corporate networks. They are unnoticed until a specific vulnerability is actually identified and reported. Zero-day attacks are difficult to defend against because it is mostly detected only after it has completed its course of action. Protecting networks, applications and systems ...
متن کاملA Survey of Solutions to Protect Against All Types of Attacks in Mobile Ad Hoc Networks
In recent years mobile networks have expanded dramatically, compared with other wireless networks. Routing protocols in these networks are designed with the assumption that there is no attacker node, so routing protocols are vulnerable to various attacks in these networks. In this paper, we review the network layer attacks and then we simulate the impact of black hole attack on ad hoc on demand...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2014