Diversity-Based Approaches to Software Systems Security
نویسندگان
چکیده
Software systems security represents a major concern as cyberattacks continue to grow in number and sophistication. In addition to the increasing complexity and interconnection of modern information systems, these systems run significant similar software. This is known as IT monoculture. As a consequence, software systems share common vulnerabilities, which enable the spread of malware. The principle of diversity can help in mitigating the negative effects of IT monoculture on security. One important category of the diversity-based software approaches for security purposes focuses on enabling efficient and effective dynamic monitoring of software system behavior in operation. In this paper, we present briefly these approaches and we propose a new approach which aims at generating dynamically a diverse set of lightweight traces. We initiate the discussion of some research issues which will be the focus of our future research work.
منابع مشابه
Mapping of McGraw Cycle to RUP Methodology for Secure Software Developing
Designing a secure software is one of the major phases in developing a robust software. The McGraw life cycle, as one of the well-known software security development approaches, implements different touch points as a collection of software security practices. Each touch point includes explicit instructions for applying security in terms of design, coding, measurement, and maintenance of softwar...
متن کاملSoftware Diversity for Information Security
In this paper we analyze a software diversification-based strategy to achieve information security. The notion of using diversity to limit correlated risks is a widely accepted strategy in many fields. Various risk management approaches strive to minimize the variance of losses faced by individuals by either risk pooling, as in insurance, or diversification, as in portfolio management. However,...
متن کاملA Survey of Anomaly Detection Approaches in Internet of Things
Internet of Things is an ever-growing network of heterogeneous and constraint nodes which are connected to each other and the Internet. Security plays an important role in such networks. Experience has proved that encryption and authentication are not enough for the security of networks and an Intrusion Detection System is required to detect and to prevent attacks from malicious nodes. In this ...
متن کاملSoftware Diversity and Fault-Tolerance: An Overview
The design of reliable and fault-free software is of a major concern for safety-critical real-time and distributed applications. The fault tolerant community addresses these problems through redundancy in hardware components and by diversity, using different software components. Diversity has been used for many years now as a computer defence mechanism to achieve an acceptable degree of fault-t...
متن کاملCultural and Social Enigmas: Missing Pieces of Food Security
The growing attention in food security has suggested many approaches to develop a society free from hunger and malnutrition. Methodological approaches are mostly used to overcome the challenges of food security, but food insecurity is more than mere availability and access to food. Cultural and social dimensions and their intricacies to achieve food security are mostly missing from the lite...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011