TY - JOUR
T1 - A software assignment algorithm for minimizing worm damage in networked systems
AU - Huang, Chu
AU - Zhu, Sencun
AU - Guan, Quanlong
AU - He, Yongzhong
N1 - Publisher Copyright:
© 2017 Elsevier Ltd
PY - 2017/8
Y1 - 2017/8
N2 - Homogeneous networked systems are at high risk of being compromised by malicious attacks that exploit a single weakness common to all. Following the survivability through heterogeneity philosophy, we present a novel approach to improving survivability of networked systems via software diversity. In this work, we propose an algorithm for assigning a number of software packages over a network of systems in an intelligent way such that machines running identical software are isolated into small “islands”, hence restricting the worm-like attacks from propagation. While developing the algorithm, we take into consideration not only practical constraints, including host functionality and software availability, but also weight, severity and impact range of vulnerability, well balancing and effectively minimizing the potential damage by an single attack. We also introduce possible enhancements by taking advantage of topological features of the network. Finally, we present a comparative analysis of our algorithm using simulation over various network structures. The results not only confirm the effectiveness and scalability of our algorithm, but also show its capability in creating moving attack surface. The level of heterogeneity our algorithm can actually create depends on the ratio of the number of installed software to the total number of available software.
AB - Homogeneous networked systems are at high risk of being compromised by malicious attacks that exploit a single weakness common to all. Following the survivability through heterogeneity philosophy, we present a novel approach to improving survivability of networked systems via software diversity. In this work, we propose an algorithm for assigning a number of software packages over a network of systems in an intelligent way such that machines running identical software are isolated into small “islands”, hence restricting the worm-like attacks from propagation. While developing the algorithm, we take into consideration not only practical constraints, including host functionality and software availability, but also weight, severity and impact range of vulnerability, well balancing and effectively minimizing the potential damage by an single attack. We also introduce possible enhancements by taking advantage of topological features of the network. Finally, we present a comparative analysis of our algorithm using simulation over various network structures. The results not only confirm the effectiveness and scalability of our algorithm, but also show its capability in creating moving attack surface. The level of heterogeneity our algorithm can actually create depends on the ratio of the number of installed software to the total number of available software.
UR - http://www.scopus.com/inward/record.url?scp=85019986412&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85019986412&partnerID=8YFLogxK
U2 - 10.1016/j.jisa.2017.05.004
DO - 10.1016/j.jisa.2017.05.004
M3 - Article
AN - SCOPUS:85019986412
SN - 2214-2134
VL - 35
SP - 55
EP - 67
JO - Journal of Information Security and Applications
JF - Journal of Information Security and Applications
ER -