SlideShare a Scribd company logo

Search Diverse Models for Proactive Software Diversification

FoCAS Initiative
FoCAS Initiative

Diversify project presentation by Benoit Baudry

Technology
1 of 57
Download to read offline
Searching Architecture Models for Proactive Software Diversification Benoit Baudry joint work with J. Bourcier, F. Fouquet, S. Allier, M. Monperrus 1
Early software monocultures 2
Software monoculture • Massive monoculture at the bottom of the software stack • operating system, web servers • Emerged with the increase " of the software market • personnal computers • Internet 3 virtual machines operating system frameworks HAL libraries applications
Software monoculture – PC 4
Software monoculture – web servers 5
Software monoculture – routers 6
Risks very well known • Single point of failure • Cascading effects • error / virus propagation • BOBE • blow one, blow everything • Massive reuse of attack vectors 7 120 March 2004/Vol. 47, No.3 COMMUNICATIONS OF THE ACM T he W32/Blaster worm burst onto the Internet scene in August of 2003. By exploiting a buffer overflow in Windows, the worm was able to infect more than 1.4 million systems worldwide in less than a month. More diversity in the OS market would have limited the number of suscep- tible systems, thereby reducing the level of infection. An analogy with biological systems is irresistible. When a disease strikes a biological system, a sig- nificant percentage of the affected population will survive, largely due to its genetic diversity. This holds true even for previously unknown diseases. By anal- ogy, diverse computing systems should weather cyber attacks better than systems that tend toward mono- culture. But how valid is the analogy? It could be argued that the case for computing diversity is even stronger than the case for biological diversity. In bio- logical systems, attackers find their targets at random, while in computing systems, monoculture creates more incentive for attack because the results will be all the more spectacular. On the other hand, it might be argued that cyber-monoculture has arisen via nat- ural selection—providers with the best security prod- ucts have survived to dominate the market. Given the dismal state of computer security today, this argument is not particularly persuasive. Although cyber-diversity evidently provides secu- rity benefits, why do we live in an era of relative com- puting monoculture? The first-to-market advantage and the ready availability of support for popular prod- ucts are examples of incentives that work against diversity. The net result is a “tragedy of the (security) commons” phenomenon—the security of the Internet as a whole could benefit from increased diversity, but individuals have incentives for monoculture. It is unclear how proposals aimed at improving com- puting security might affect cyber-diversity. For exam- ple, increased liability for software providers is often suggested as a market-oriented approach to improved security. However, such an approach might favor those with the deepest pockets, leading to less diversity. Although some cyber-diversity is good, is more diversity better? Virus writers in particular have used diversity to their advantage; polymorphic viruses are currently in vogue. Such viruses are generally encrypted with a weak cipher, using a new key each time the virus propagates, thus confounding signature-based detection. However, because the decryption routine cannot be encrypted, detection is still possible. Virus writers are on the verge of unleashing so-called metamorphic viruses, where the body of the virus itself changes each time it propa- gates. This results in viruses that are functionally equivalent, with each instance of the virus containing distinct software. Detection of metamorphic viruses will be extremely challenging. Is there defensive value in software diversity of the metamorphic type? Suppose we produce a piece of software that contains a common vulnerability, say, a buffer overflow. If we simply clone the software—as is standard practice—each copy will contain an iden- tical vulnerability, and hence an identical attack will succeed against each clone. Instead, suppose we cre- ate metamorphic instances, where all instances are functionally equivalent, but each contains signifi- cantly different code. Even if each instance still con- tains the buffer overflow, an attacker will probably need to craft multiple attacks for multiple instances. The damage inflicted by any individual attack would thereby be reduced and the complexity of a large- scale attack would be correspondingly increased. Fur- thermore, a targeted attack on any one instance would be at least as difficult as in the cloning case. Common protocols and standards are necessary in order for networked communication to succeed and, clearly, diversity cannot be applied to such areas of commonality. For example, diversity cannot help pre- vent a protocol-level attack such as TCP SYN flooding. But diversity can help mitigate implementation-level attacks, such as exploiting buffer overflows. As with many security-related issues, quantifying the potential benefits of diversity is challenging. In addition, meta- morphic diversity raises significant questions regarding software development, performance, and maintenance. In spite of these limitations and concerns, there is con- siderable interest in cyber-diversity, both within the research community and in industry; for an example of the former, see www.newswise.com/articles/view/502136/ and for examples of the latter, see the Cloakware.com Web site or Microsoft’s discussion of individualization in the Windows Media Rights Manager. Mark Stamp (stamp@cs.sjsu.edu), an assistant professor of computer science at San Jose State University, recently spent two years working on diverse software for MediaSnap, Inc. c Risks of Monoculture PAULWATSON Inside Risks Mark Stamp
Systems software diversification 8
Software diversity • In operating systems • Seminal papers in the 1990’s • Fred Cohen 1993 « Operating system protection through program evolution » • Stephanie Forrest 1997 « Building Diverse Computer Systems » • For security purposes • mitigate code injection, buffer overflows 9
Instruction set randomization 10 Encryption Key Compile Load In memory Execution Decryption Key Randomized instruction set emulation. EG Barrantes, DH Ackley, S Forrest, D Stefanović. ACM TISSEC, 8 (1), 3-40
Software diversity • Address space layout randomization • randomize binary addresses at load time • a program’s address space is different on each machine • Deployed in all mainstream operating systems • Effective against buffer overflows 11
New software monocultures 12
Software monoculture today • Continues growing in upper levels of the software stack • libraries, frameworks, IDEs, CMS, search engine, browser, etc. • Pushed by GOOD reasons • software engineering practices: " modularity and reuse • compatibility and interoperability • maintenance and evolution costs reduction • economical motivations 13 virtual machines operating system frameworks HAL libraries applications
The case of Wordpress • CMS monoculture • March 2014: more than 20% of 500000 top site use Wordpress • Plugins monoculture • 64% use the Akismet plugin • 23% use Jetpack, known to have an SQL injection vulnerability 14 “Multi-tier diversification in Internet-based software applications”. Simon Allier, Olivier Barais, Benoit Baudry, Johann Bourcier, Erwan Daubert, Franck Fleurey, Martin Monperrus, Hui Song, Maxime Tricoire. To appear in IEEE Software, Jan 2015
The case of Wordpress 15 110000 web sites mean of 5 plugins per site
JS libraries 16 110000 web sites
Cryptographic protocols 17
Cryptographic protocols 18 source: https://t37.net/4-lessons-every-startup-should-learn-from-the-heartbleed-catastrophe.html
Cryptographic protocols 19
Social networks 20 source: http://www.zdnet.com/is-the-social-networking-monoculture-ready-to-crumble-7000003329/
Knowledge 21
Software development 22 source: http://www.creativebloq.com/netmag/bacon-bad-you-dangers-dev-monoculture-21410684
Alternatives are emerging 23
Web servers 24
Cloud platforms 25
Java virtual machines 26
Apps 27 Huge reservoir of functionally similar software solutions
Yet, software systems remain highly homogeneous 28
Take-away • Software monocultures exist • at a very large scale • in application level code • Software diversity exists • machine-code level • Alternative software solutions emerge • must be exploited • Next challenge: diversify applications in a proactive/automatic way 29
Our claim MDE and SBSE can spur aplication software diversity radiation 30
Web app example 31
Server side software stack 32 RingoJS Rhino MDMS JVM RedisDB OS
Server side deployment 33 Nginx load balancer http request Internet config 0 Monoculture deployment of MDMS config 0 config 0 config 0config 0config 0
Server side deployment 34 Nginx load balancer http request Internet config 1 config 2 config 3 config 4 config 5 config 6 Multi-diversified deployment of MDMS diverse JS interpreters diverse JVMs diverse OSs diverse clouds
Where models can support diversification 35 Nginx load balancer http request Internet config 1 config 2 config 3 config 4 config 5 config 6 Multi-diversified deployment of MDMS formal dependencies trade-off between diversity and other criteria Models provide abstractions to formalize the space for diversification and sustain software diversity, system- wise, over time
Searching for diverse architectures • A reservoir of software diversity • natural diversity of OS or JVM • automatic diversification of the JS interpreter • Automatic reasoning on the architecture • find valid, diverse deployment architectures • Actual deployment of a diverse architecture • deploy the solution on a distributed setting 36
Synthesizing a diversity reservoir • Sosies • a sosie program is a variant of a program that passes the same test suite • Synthesized thousands of sosies • deleting or adding / replacing statements by others from the same program • Synthesized 843 RingoJS sosies • that can be executed from the MDMS client 37 “Tailored Source Code Transformations to Synthesize Computationally Diverse Program Variants”. Benoit Baudry Simon Allier, Martin Monperrus. ISSTA 2014
Architecture modeling 38 • Component-based software engineering Node 1 Load Balancer Node 2 MdMS Node 3 MdMS Node 4 MdMS JVM = HotSpot JVM = HotSpot JVM = HotSpot
Node 1 Load Balancer Node 2 MdMS Node 3 MdMS Node 4 MdMS JVM = OpenJDK JVM = JRockit JVM = HotSpot Architecture modeling
Architecture modeling •  Component •  Code unit •  I/O ports •  Channel •  Communication between components •  Node •  Execution platform for components •  Group •  Group nodes together to have a consistent model
Kevoree for distributed deployment • An open-source framework • A structural model that represents the distributed running system and that can be synchronized in both directions on-demand On- demand synchroni zation
Kevoree for distributed deployment 42 4 2
Synthesizing software architecture • Given a reservoir of diverse software components • natural diversity of VMs, JVMs, machines • automatic diversity: sosie RingoJS • What is the the good trade-off between • capacity • cost • diversity: need to estimate ‘good’ diversity 43
Polymer Framework • Polymer • Open-source framework to enable runtime usage of SBSE techniques • Works to make SSBSE usable @Runtime • Define dedicated domains, actions, fitness • Find heuristics to converge faster to acceptable tradeoffs
Polymer • Leverage the KMF framework to reason on domain models • Mutation, Fitness, and crossover are defined as model transformation • Multi-objectives • Extensible framework • Define your own model, your own operators, your own fitnesses, define your own search algorithm Implemented algorithms : Genetic (MOEAd, NSGAII), Greedy (progression each steps), Local Full Search
Node Concrete domain example Cloud JVM : EString O..* nodes id : EString Component O..* components name: EString Load Balancer MdMS sosie: EString
Domain model id:EString JVM: EString Node Cloud name: EString Component sosie: EString MDMS LoadBalancer 0..*components 0..* nodes
Polymer usage GeneticEngine<Cloud> engine = new GeneticEngine<Cloud>(); engine.setAlgorithm(GeneticAlgorithm.EpsilonCrowdingNSGII); engine.addOperator(new AddNodeMutator()); engine.addOperator(new RemoveNodeMutator()); engine.addOperator(new AddComponentMutator()); … engine.addFitnessFuntion(new CloudCostFitness()); engine.addFitnessFuntion(new CloudCapacityFitness()); engine.addFitnessFuntion(new CloudDiversityFitness()); … engine.setMaxGeneration(300); engine.run(); The model to use The Search algorithm to use The mutation operators to use The fitnesses to use Fix search parameters Run
Defining Mutation ... cloud.getNodes().add(new Nodes().setName("node_5555")); ... Usage of model elements
Defining the cost Fitness function evaluate(cloud : CloudModel) : Double { ... return sum(cloud.getNodes.price); ... } Usage of model elements
Defining the capacity Fitness function evaluate(cloud : CloudModel) : Double { ... return sum(cloud.getNodes.capacity); ... } Usage of model elements
Defining the Diversity Fitness function evaluate(cloud : CloudModel) : Double { ... return extinctionSequence(cloud); ... } This function computes a value corresponding to the extinction sequence of the cloud given in parameters Usage of model elements
Diversity fitness: robustness Percentage  of  plant  species  deleted:    ex$nc$on  sequence   Memmo4  et  al.  2004   Robustness: how fast extinctions lead to collapse of other species (secondary extinctions) Percentage  of  remaining  species  
Extinction sequence algorithm 1.  While the application still provides a service 1.  We select a specific component A •  Such as a specific sosies of MdMS 2.  We kill all the instances of A 3.  We evaluate the capacity of the system to serve user request and incrementally draw a curve 2.  We measure the area behind the curve to determine the robustness of the system
Robustness Measurement • Quantifies the resistance of the graph to random perturbations • Reports the change in apps alive as the platforms are individually killed • Robust networks allow the maximum amount of apps to remain alive in the face of systemic platform death 55
Conclusion • Software monocultures grow at all levels in software stacks • for good engineering and business reasons • MDE and SBSE can be key enablers to balance this natural phenomenon • abstractions that characterize the diverse components • search-based techniques that sustain diversity 56
References •  « Multi-tier diversification in Internet-based software applications ». Simon Allier, Olivier Barais, Benoit Baudry, Johann Bourcier, Erwan Daubert, Franck Fleurey, Martin Monperrus, Hui Song, Maxime Tricoire. To appear in IEEE Software, Jan 2015 •  « Tailored source code transformations to synthesize computationally diverse program variants ». Benoit Baudry, Simon Allier, and Martin Monperrus. ISSTA 2014. •  « Optimizing Multi-Objective Evolutionary Algorithms to enable Quality- Aware Software Provisioning ». Donia El Kateb, Francois Fouquet, Johann Bourcier, Yves Le Traon. QSIC 2014 •  http://kevoree.org/polymer/ •  http://kevoree.org/ •  https://github.com/INRIA/spoon •  http://diversify-project.eu/ 57

Recommended

Virus vs Anti-Virus
Virus vs Anti-VirusVirus vs Anti-Virus
Virus vs Anti-VirusSamarAhmadKhan1
 
An analysis of how antivirus methodologies are utilized in protecting compute...
An analysis of how antivirus methodologies are utilized in protecting compute...An analysis of how antivirus methodologies are utilized in protecting compute...
An analysis of how antivirus methodologies are utilized in protecting compute...UltraUploader
 
12102 vipre business-protecting-against-the-new-wave-of-malware
12102 vipre business-protecting-against-the-new-wave-of-malware12102 vipre business-protecting-against-the-new-wave-of-malware
12102 vipre business-protecting-against-the-new-wave-of-malwareDigital Pymes
 
Codigo Malicioso
Codigo MaliciosoCodigo Malicioso
Codigo MaliciosoJose Manuel Acosta
 
Known Knowns, Unknown Unknowns and Anti Virus stuff yadayadayada
Known Knowns, Unknown Unknowns and Anti Virus stuff yadayadayadaKnown Knowns, Unknown Unknowns and Anti Virus stuff yadayadayada
Known Knowns, Unknown Unknowns and Anti Virus stuff yadayadayadanamblasec
 
Hacking 10 2010
Hacking 10 2010Hacking 10 2010
Hacking 10 2010Felipe Prado
 
Malware
MalwareMalware
Malwarezelkan19
 
Dilsher idrees mustafa_6_a_vulnerabilities_study
Dilsher idrees mustafa_6_a_vulnerabilities_studyDilsher idrees mustafa_6_a_vulnerabilities_study
Dilsher idrees mustafa_6_a_vulnerabilities_studydilsherece
 

Recommended

Virus vs Anti-Virus
Virus vs Anti-VirusVirus vs Anti-Virus
Virus vs Anti-VirusSamarAhmadKhan1
 
An analysis of how antivirus methodologies are utilized in protecting compute...
An analysis of how antivirus methodologies are utilized in protecting compute...An analysis of how antivirus methodologies are utilized in protecting compute...
An analysis of how antivirus methodologies are utilized in protecting compute...UltraUploader
 
12102 vipre business-protecting-against-the-new-wave-of-malware
12102 vipre business-protecting-against-the-new-wave-of-malware12102 vipre business-protecting-against-the-new-wave-of-malware
12102 vipre business-protecting-against-the-new-wave-of-malwareDigital Pymes
 
Codigo Malicioso
Codigo MaliciosoCodigo Malicioso
Codigo MaliciosoJose Manuel Acosta
 
Known Knowns, Unknown Unknowns and Anti Virus stuff yadayadayada
Known Knowns, Unknown Unknowns and Anti Virus stuff yadayadayadaKnown Knowns, Unknown Unknowns and Anti Virus stuff yadayadayada
Known Knowns, Unknown Unknowns and Anti Virus stuff yadayadayadanamblasec
 
Hacking 10 2010
Hacking 10 2010Hacking 10 2010
Hacking 10 2010Felipe Prado
 
Malware
MalwareMalware
Malwarezelkan19
 
Dilsher idrees mustafa_6_a_vulnerabilities_study
Dilsher idrees mustafa_6_a_vulnerabilities_studyDilsher idrees mustafa_6_a_vulnerabilities_study
Dilsher idrees mustafa_6_a_vulnerabilities_studydilsherece
 
Viruses & Malware: Effects On Enterprise Networks
Viruses & Malware: Effects On Enterprise NetworksViruses & Malware: Effects On Enterprise Networks
Viruses & Malware: Effects On Enterprise NetworksDiane M. Metcalf
 
Skywiper
SkywiperSkywiper
Skywipermikaelsorai
 
A technique for removing an important class of trojan horses from high order ...
A technique for removing an important class of trojan horses from high order ...A technique for removing an important class of trojan horses from high order ...
A technique for removing an important class of trojan horses from high order ...UltraUploader
 
Meeting national security_space_needs_in_the_contested_cyberspace_domain
Meeting national security_space_needs_in_the_contested_cyberspace_domainMeeting national security_space_needs_in_the_contested_cyberspace_domain
Meeting national security_space_needs_in_the_contested_cyberspace_domainDarwin Chimbo
 
Computer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptComputer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptOsama Yousaf
 
A history of computer viruses introduction
A history of computer viruses introductionA history of computer viruses introduction
A history of computer viruses introductionUltraUploader
 
Remote File Inclusion
Remote File InclusionRemote File Inclusion
Remote File InclusionImperva
 
Stormy Weather
Stormy WeatherStormy Weather
Stormy WeatherAnthony Arrott
 
Alexandros Papanikolaou PROmis
Alexandros Papanikolaou PROmisAlexandros Papanikolaou PROmis
Alexandros Papanikolaou PROmisIgnite_Athens
 
Modeling and Containment of Uniform Scanning Worms
Modeling and Containment of Uniform Scanning WormsModeling and Containment of Uniform Scanning Worms
Modeling and Containment of Uniform Scanning WormsIOSR Journals
 
A SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLS
A SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLSA SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLS
A SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLSIJNSA Journal
 
Commercial Cyber Crime - Social Networks Malware
Commercial Cyber Crime - Social Networks MalwareCommercial Cyber Crime - Social Networks Malware
Commercial Cyber Crime - Social Networks MalwareAditya K Sood
 
Bot software spreads, causes new worries
Bot software spreads, causes new worriesBot software spreads, causes new worries
Bot software spreads, causes new worriesUltraUploader
 
C3
C3C3
C3Praveen Malisetty
 
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROIDHONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROIDIJCNCJournal
 
Biological aspects of computer virology
Biological aspects of computer virologyBiological aspects of computer virology
Biological aspects of computer virologyUltraUploader
 
Virus and antivirus
Virus and antivirusVirus and antivirus
Virus and antivirusPrakriti Sharma
 
Puppetnets and Botnets: Information Technology Vulnerability Exploits
Puppetnets and Botnets: Information Technology Vulnerability ExploitsPuppetnets and Botnets: Information Technology Vulnerability Exploits
Puppetnets and Botnets: Information Technology Vulnerability Exploitsecarrow
 
IJSRED-V2I3P69
IJSRED-V2I3P69IJSRED-V2I3P69
IJSRED-V2I3P69IJSRED
 
Network virus detection & prevention
Network virus detection & preventionNetwork virus detection & prevention
Network virus detection & preventionKhaleel Assadi
 
Attack of the killer virus!
Attack of the killer virus!Attack of the killer virus!
Attack of the killer virus!UltraUploader
 
Application of hardware accelerated extensible network nodes for internet wor...
Application of hardware accelerated extensible network nodes for internet wor...Application of hardware accelerated extensible network nodes for internet wor...
Application of hardware accelerated extensible network nodes for internet wor...UltraUploader
 

More Related Content

What's hot

Viruses & Malware: Effects On Enterprise Networks
Viruses & Malware: Effects On Enterprise NetworksViruses & Malware: Effects On Enterprise Networks
Viruses & Malware: Effects On Enterprise NetworksDiane M. Metcalf
 
A technique for removing an important class of trojan horses from high order ...
A technique for removing an important class of trojan horses from high order ...A technique for removing an important class of trojan horses from high order ...
A technique for removing an important class of trojan horses from high order ...UltraUploader
 
Meeting national security_space_needs_in_the_contested_cyberspace_domain
Meeting national security_space_needs_in_the_contested_cyberspace_domainMeeting national security_space_needs_in_the_contested_cyberspace_domain
Meeting national security_space_needs_in_the_contested_cyberspace_domainDarwin Chimbo
 
Computer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptComputer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptOsama Yousaf
 
A history of computer viruses introduction
A history of computer viruses introductionA history of computer viruses introduction
A history of computer viruses introductionUltraUploader
 
Remote File Inclusion
Remote File InclusionRemote File Inclusion
Remote File InclusionImperva
 
Alexandros Papanikolaou PROmis
Alexandros Papanikolaou PROmisAlexandros Papanikolaou PROmis
Alexandros Papanikolaou PROmisIgnite_Athens
 
Modeling and Containment of Uniform Scanning Worms
Modeling and Containment of Uniform Scanning WormsModeling and Containment of Uniform Scanning Worms
Modeling and Containment of Uniform Scanning WormsIOSR Journals
 
A SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLS
A SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLSA SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLS
A SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLSIJNSA Journal
 
Commercial Cyber Crime - Social Networks Malware
Commercial Cyber Crime - Social Networks MalwareCommercial Cyber Crime - Social Networks Malware
Commercial Cyber Crime - Social Networks MalwareAditya K Sood
 
Bot software spreads, causes new worries
Bot software spreads, causes new worriesBot software spreads, causes new worries
Bot software spreads, causes new worriesUltraUploader
 
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROIDHONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROIDIJCNCJournal
 
Biological aspects of computer virology
Biological aspects of computer virologyBiological aspects of computer virology
Biological aspects of computer virologyUltraUploader
 
Puppetnets and Botnets: Information Technology Vulnerability Exploits
Puppetnets and Botnets: Information Technology Vulnerability ExploitsPuppetnets and Botnets: Information Technology Vulnerability Exploits
Puppetnets and Botnets: Information Technology Vulnerability Exploitsecarrow
 
IJSRED-V2I3P69
IJSRED-V2I3P69IJSRED-V2I3P69
IJSRED-V2I3P69IJSRED
 

What's hot (19)

Viruses & Malware: Effects On Enterprise Networks
Viruses & Malware: Effects On Enterprise NetworksViruses & Malware: Effects On Enterprise Networks
Viruses & Malware: Effects On Enterprise Networks
 
Skywiper
SkywiperSkywiper
Skywiper
 
A technique for removing an important class of trojan horses from high order ...
A technique for removing an important class of trojan horses from high order ...A technique for removing an important class of trojan horses from high order ...
A technique for removing an important class of trojan horses from high order ...
 
Meeting national security_space_needs_in_the_contested_cyberspace_domain
Meeting national security_space_needs_in_the_contested_cyberspace_domainMeeting national security_space_needs_in_the_contested_cyberspace_domain
Meeting national security_space_needs_in_the_contested_cyberspace_domain
 
Computer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides pptComputer Viruses and Classification lecture slides ppt
Computer Viruses and Classification lecture slides ppt
 
A history of computer viruses introduction
A history of computer viruses introductionA history of computer viruses introduction
A history of computer viruses introduction
 
Remote File Inclusion
Remote File InclusionRemote File Inclusion
Remote File Inclusion
 
Stormy Weather
Stormy WeatherStormy Weather
Stormy Weather
 
Alexandros Papanikolaou PROmis
Alexandros Papanikolaou PROmisAlexandros Papanikolaou PROmis
Alexandros Papanikolaou PROmis
 
Modeling and Containment of Uniform Scanning Worms
Modeling and Containment of Uniform Scanning WormsModeling and Containment of Uniform Scanning Worms
Modeling and Containment of Uniform Scanning Worms
 
A SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLS
A SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLSA SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLS
A SURVEY ON MALWARE DETECTION AND ANALYSIS TOOLS
 
Commercial Cyber Crime - Social Networks Malware
Commercial Cyber Crime - Social Networks MalwareCommercial Cyber Crime - Social Networks Malware
Commercial Cyber Crime - Social Networks Malware
 
Bot software spreads, causes new worries
Bot software spreads, causes new worriesBot software spreads, causes new worries
Bot software spreads, causes new worries
 
C3
C3C3
C3
 
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROIDHONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
HONEYPOTLABSAC: A VIRTUAL HONEYPOT FRAMEWORK FOR ANDROID
 
Biological aspects of computer virology
Biological aspects of computer virologyBiological aspects of computer virology
Biological aspects of computer virology
 
Virus and antivirus
Virus and antivirusVirus and antivirus
Virus and antivirus
 
Puppetnets and Botnets: Information Technology Vulnerability Exploits
Puppetnets and Botnets: Information Technology Vulnerability ExploitsPuppetnets and Botnets: Information Technology Vulnerability Exploits
Puppetnets and Botnets: Information Technology Vulnerability Exploits
 
IJSRED-V2I3P69
IJSRED-V2I3P69IJSRED-V2I3P69
IJSRED-V2I3P69
 

Similar to Search Diverse Models for Proactive Software Diversification

Network virus detection & prevention
Network virus detection & preventionNetwork virus detection & prevention
Network virus detection & preventionKhaleel Assadi
 
Attack of the killer virus!
Attack of the killer virus!Attack of the killer virus!
Attack of the killer virus!UltraUploader
 
Application of hardware accelerated extensible network nodes for internet wor...
Application of hardware accelerated extensible network nodes for internet wor...Application of hardware accelerated extensible network nodes for internet wor...
Application of hardware accelerated extensible network nodes for internet wor...UltraUploader
 
Web virus activity
Web virus activityWeb virus activity
Web virus activitySim_Dhillon
 
A stochastic model of multivirus dynamics
A stochastic model of multivirus dynamicsA stochastic model of multivirus dynamics
A stochastic model of multivirus dynamicsJPINFOTECH JAYAPRAKASH
 
Analysis of field data on web security vulnerabilities
Analysis of field data on web security vulnerabilities Analysis of field data on web security vulnerabilities
Analysis of field data on web security vulnerabilities Papitha Velumani
 
ISSA Journal Paper - JavaScript Infection Model
ISSA Journal Paper - JavaScript Infection ModelISSA Journal Paper - JavaScript Infection Model
ISSA Journal Paper - JavaScript Infection ModelAditya K Sood
 
A critical look at the regulation of computer viruses
A critical look at the regulation of computer virusesA critical look at the regulation of computer viruses
A critical look at the regulation of computer virusesUltraUploader
 
Problems With Battling Malware Have Been Discussed, Moving...
Problems With Battling Malware Have Been Discussed, Moving...Problems With Battling Malware Have Been Discussed, Moving...
Problems With Battling Malware Have Been Discussed, Moving...Deb Birch
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays worldSibghatullah Khattak
 
Exploits Attack on Windows Vulnerabilities
Exploits Attack on Windows VulnerabilitiesExploits Attack on Windows Vulnerabilities
Exploits Attack on Windows VulnerabilitiesAmit Kumbhar
 
Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...Eoin Keary
 
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516Yasser Mohammed
 
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...ESET Middle East
 
honey pots introduction and its types
honey pots introduction and its typeshoney pots introduction and its types
honey pots introduction and its typesVishal Tandel
 
Cscu module 03 protecting systems using antiviruses
Cscu module 03 protecting systems using antivirusesCscu module 03 protecting systems using antiviruses
Cscu module 03 protecting systems using antivirusesAlireza Ghahrood
 
Computer worm
Computer wormComputer worm
Computer wormzelkan19
 
Computer worm
Computer wormComputer worm
Computer wormzelkan19
 

Similar to Search Diverse Models for Proactive Software Diversification (20)

Network virus detection & prevention
Network virus detection & preventionNetwork virus detection & prevention
Network virus detection & prevention
 
Attack of the killer virus!
Attack of the killer virus!Attack of the killer virus!
Attack of the killer virus!
 
Application of hardware accelerated extensible network nodes for internet wor...
Application of hardware accelerated extensible network nodes for internet wor...Application of hardware accelerated extensible network nodes for internet wor...
Application of hardware accelerated extensible network nodes for internet wor...
 
Web virus activity
Web virus activityWeb virus activity
Web virus activity
 
A stochastic model of multivirus dynamics
A stochastic model of multivirus dynamicsA stochastic model of multivirus dynamics
A stochastic model of multivirus dynamics
 
Analysis of field data on web security vulnerabilities
Analysis of field data on web security vulnerabilities Analysis of field data on web security vulnerabilities
Analysis of field data on web security vulnerabilities
 
ISSA Journal Paper - JavaScript Infection Model
ISSA Journal Paper - JavaScript Infection ModelISSA Journal Paper - JavaScript Infection Model
ISSA Journal Paper - JavaScript Infection Model
 
A critical look at the regulation of computer viruses
A critical look at the regulation of computer virusesA critical look at the regulation of computer viruses
A critical look at the regulation of computer viruses
 
Problems With Battling Malware Have Been Discussed, Moving...
Problems With Battling Malware Have Been Discussed, Moving...Problems With Battling Malware Have Been Discussed, Moving...
Problems With Battling Malware Have Been Discussed, Moving...
 
Information security in todays world
Information security in todays worldInformation security in todays world
Information security in todays world
 
Computer viruses
Computer virusesComputer viruses
Computer viruses
 
Exploits Attack on Windows Vulnerabilities
Exploits Attack on Windows VulnerabilitiesExploits Attack on Windows Vulnerabilities
Exploits Attack on Windows Vulnerabilities
 
Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...Web security – application security roads to software security nirvana iisf...
Web security – application security roads to software security nirvana iisf...
 
Computer viruses
Computer virusesComputer viruses
Computer viruses
 
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516
EXTERNAL - Whitepaper - How 3 Cyber ThreatsTransform Incident Response 081516
 
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...
Protecting Enterprise - An examination of bugs, major vulnerabilities and exp...
 
honey pots introduction and its types
honey pots introduction and its typeshoney pots introduction and its types
honey pots introduction and its types
 
Cscu module 03 protecting systems using antiviruses
Cscu module 03 protecting systems using antivirusesCscu module 03 protecting systems using antiviruses
Cscu module 03 protecting systems using antiviruses
 
Computer worm
Computer wormComputer worm
Computer worm
 
Computer worm
Computer wormComputer worm
Computer worm
 

More from FoCAS Initiative

Fundamentals of Collective Adaptive Systems Manifesto
Fundamentals of Collective Adaptive Systems ManifestoFundamentals of Collective Adaptive Systems Manifesto
Fundamentals of Collective Adaptive Systems ManifestoFoCAS Initiative
 
Final FoCAS Newsletter, Issue Eight, Winter 2016
Final FoCAS Newsletter, Issue Eight, Winter 2016Final FoCAS Newsletter, Issue Eight, Winter 2016
Final FoCAS Newsletter, Issue Eight, Winter 2016FoCAS Initiative
 
Advanced Manufacturing: An Industrial Application for Collective Adaptive Sys...
Advanced Manufacturing: An Industrial Application for Collective Adaptive Sys...Advanced Manufacturing: An Industrial Application for Collective Adaptive Sys...
Advanced Manufacturing: An Industrial Application for Collective Adaptive Sys...FoCAS Initiative
 
FoCAS Newsletter Issue Seven
FoCAS Newsletter Issue SevenFoCAS Newsletter Issue Seven
FoCAS Newsletter Issue SevenFoCAS Initiative
 
Where Shall We Have Lunch? Problems For A Computer-aided Future
Where Shall We Have Lunch? Problems For A Computer-aided FutureWhere Shall We Have Lunch? Problems For A Computer-aided Future
Where Shall We Have Lunch? Problems For A Computer-aided FutureFoCAS Initiative
 
Sustainability Challenges In A Complex World
Sustainability Challenges In A Complex WorldSustainability Challenges In A Complex World
Sustainability Challenges In A Complex WorldFoCAS Initiative
 
On Manipulating Attractors In Collective Behaviours Of Bio-hybrid Societies W...
On Manipulating Attractors In Collective Behaviours Of Bio-hybrid Societies W...On Manipulating Attractors In Collective Behaviours Of Bio-hybrid Societies W...
On Manipulating Attractors In Collective Behaviours Of Bio-hybrid Societies W...FoCAS Initiative
 
The Liquid Computing Paradigm
The Liquid Computing ParadigmThe Liquid Computing Paradigm
The Liquid Computing ParadigmFoCAS Initiative
 
Complexity And The Relationship Between Knowledge And Action
Complexity And The Relationship Between Knowledge And ActionComplexity And The Relationship Between Knowledge And Action
Complexity And The Relationship Between Knowledge And ActionFoCAS Initiative
 
FoCAS Newsletter Issue Six
FoCAS Newsletter Issue SixFoCAS Newsletter Issue Six
FoCAS Newsletter Issue SixFoCAS Initiative
 
FoCAS Newsletter Issue Five
FoCAS Newsletter Issue FiveFoCAS Newsletter Issue Five
FoCAS Newsletter Issue FiveFoCAS Initiative
 
Temporal logics for multi-agent systems
Temporal logics for multi-agent systemsTemporal logics for multi-agent systems
Temporal logics for multi-agent systemsFoCAS Initiative
 
Advanced Systems Engineering
Advanced Systems EngineeringAdvanced Systems Engineering
Advanced Systems EngineeringFoCAS Initiative
 
Artificial software diversity: automatic synthesis of program sosies
Artificial software diversity: automatic synthesis of program sosiesArtificial software diversity: automatic synthesis of program sosies
Artificial software diversity: automatic synthesis of program sosiesFoCAS Initiative
 
Tailored source-code-transformation-synthesize-computationally-diverse-progra...
Tailored source-code-transformation-synthesize-computationally-diverse-progra...Tailored source-code-transformation-synthesize-computationally-diverse-progra...
Tailored source-code-transformation-synthesize-computationally-diverse-progra...FoCAS Initiative
 
Modelling Adaptation Policies As Domain-Specific Constraints
Modelling Adaptation Policies As Domain-Specific ConstraintsModelling Adaptation Policies As Domain-Specific Constraints
Modelling Adaptation Policies As Domain-Specific ConstraintsFoCAS Initiative
 
SOCIAL ADAPTATION OF ROBOTS FOR MODULATING SELF-ORGANIZATION IN ANIMAL SOCIETIES
SOCIAL ADAPTATION OF ROBOTS FOR MODULATING SELF-ORGANIZATION IN ANIMAL SOCIETIESSOCIAL ADAPTATION OF ROBOTS FOR MODULATING SELF-ORGANIZATION IN ANIMAL SOCIETIES
SOCIAL ADAPTATION OF ROBOTS FOR MODULATING SELF-ORGANIZATION IN ANIMAL SOCIETIESFoCAS Initiative
 

More from FoCAS Initiative (20)

Fundamentals of Collective Adaptive Systems Manifesto
Fundamentals of Collective Adaptive Systems ManifestoFundamentals of Collective Adaptive Systems Manifesto
Fundamentals of Collective Adaptive Systems Manifesto
 
Final FoCAS Newsletter, Issue Eight, Winter 2016
Final FoCAS Newsletter, Issue Eight, Winter 2016Final FoCAS Newsletter, Issue Eight, Winter 2016
Final FoCAS Newsletter, Issue Eight, Winter 2016
 
Optimal Floor Heating
Optimal Floor HeatingOptimal Floor Heating
Optimal Floor Heating
 
Advanced Manufacturing: An Industrial Application for Collective Adaptive Sys...
Advanced Manufacturing: An Industrial Application for Collective Adaptive Sys...Advanced Manufacturing: An Industrial Application for Collective Adaptive Sys...
Advanced Manufacturing: An Industrial Application for Collective Adaptive Sys...
 
FoCAS Newsletter Issue Seven
FoCAS Newsletter Issue SevenFoCAS Newsletter Issue Seven
FoCAS Newsletter Issue Seven
 
Wrangling Complex Systems
Wrangling Complex SystemsWrangling Complex Systems
Wrangling Complex Systems
 
Where Shall We Have Lunch? Problems For A Computer-aided Future
Where Shall We Have Lunch? Problems For A Computer-aided FutureWhere Shall We Have Lunch? Problems For A Computer-aided Future
Where Shall We Have Lunch? Problems For A Computer-aided Future
 
Sustainability Challenges In A Complex World
Sustainability Challenges In A Complex WorldSustainability Challenges In A Complex World
Sustainability Challenges In A Complex World
 
On Manipulating Attractors In Collective Behaviours Of Bio-hybrid Societies W...
On Manipulating Attractors In Collective Behaviours Of Bio-hybrid Societies W...On Manipulating Attractors In Collective Behaviours Of Bio-hybrid Societies W...
On Manipulating Attractors In Collective Behaviours Of Bio-hybrid Societies W...
 
The Liquid Computing Paradigm
The Liquid Computing ParadigmThe Liquid Computing Paradigm
The Liquid Computing Paradigm
 
Complexity And The Relationship Between Knowledge And Action
Complexity And The Relationship Between Knowledge And ActionComplexity And The Relationship Between Knowledge And Action
Complexity And The Relationship Between Knowledge And Action
 
FoCAS Newsletter Issue Six
FoCAS Newsletter Issue SixFoCAS Newsletter Issue Six
FoCAS Newsletter Issue Six
 
FoCAS Newsletter Issue Five
FoCAS Newsletter Issue FiveFoCAS Newsletter Issue Five
FoCAS Newsletter Issue Five
 
Temporal logics for multi-agent systems
Temporal logics for multi-agent systemsTemporal logics for multi-agent systems
Temporal logics for multi-agent systems
 
Advanced Systems Engineering
Advanced Systems EngineeringAdvanced Systems Engineering
Advanced Systems Engineering
 
Artificial software diversity: automatic synthesis of program sosies
Artificial software diversity: automatic synthesis of program sosiesArtificial software diversity: automatic synthesis of program sosies
Artificial software diversity: automatic synthesis of program sosies
 
Tailored source-code-transformation-synthesize-computationally-diverse-progra...
Tailored source-code-transformation-synthesize-computationally-diverse-progra...Tailored source-code-transformation-synthesize-computationally-diverse-progra...
Tailored source-code-transformation-synthesize-computationally-diverse-progra...
 
Modelling Adaptation Policies As Domain-Specific Constraints
Modelling Adaptation Policies As Domain-Specific ConstraintsModelling Adaptation Policies As Domain-Specific Constraints
Modelling Adaptation Policies As Domain-Specific Constraints
 
Quantified NTL
Quantified NTLQuantified NTL
Quantified NTL
 
SOCIAL ADAPTATION OF ROBOTS FOR MODULATING SELF-ORGANIZATION IN ANIMAL SOCIETIES
SOCIAL ADAPTATION OF ROBOTS FOR MODULATING SELF-ORGANIZATION IN ANIMAL SOCIETIESSOCIAL ADAPTATION OF ROBOTS FOR MODULATING SELF-ORGANIZATION IN ANIMAL SOCIETIES
SOCIAL ADAPTATION OF ROBOTS FOR MODULATING SELF-ORGANIZATION IN ANIMAL SOCIETIES
 

Recently uploaded

costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentationphoebematthew05
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsAndrey Dotsenko
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 

Recently uploaded (20)

costume and set research powerpoint presentation
costume and set research powerpoint presentationcostume and set research powerpoint presentation
costume and set research powerpoint presentation
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 

Search Diverse Models for Proactive Software Diversification

  • 1. Searching Architecture Models for Proactive Software Diversification Benoit Baudry joint work with J. Bourcier, F. Fouquet, S. Allier, M. Monperrus 1
  • 3. Software monoculture • Massive monoculture at the bottom of the software stack • operating system, web servers • Emerged with the increase " of the software market • personnal computers • Internet 3 virtual machines operating system frameworks HAL libraries applications
  • 5. Software monoculture – web servers 5
  • 7. Risks very well known • Single point of failure • Cascading effects • error / virus propagation • BOBE • blow one, blow everything • Massive reuse of attack vectors 7 120 March 2004/Vol. 47, No.3 COMMUNICATIONS OF THE ACM T he W32/Blaster worm burst onto the Internet scene in August of 2003. By exploiting a buffer overflow in Windows, the worm was able to infect more than 1.4 million systems worldwide in less than a month. More diversity in the OS market would have limited the number of suscep- tible systems, thereby reducing the level of infection. An analogy with biological systems is irresistible. When a disease strikes a biological system, a sig- nificant percentage of the affected population will survive, largely due to its genetic diversity. This holds true even for previously unknown diseases. By anal- ogy, diverse computing systems should weather cyber attacks better than systems that tend toward mono- culture. But how valid is the analogy? It could be argued that the case for computing diversity is even stronger than the case for biological diversity. In bio- logical systems, attackers find their targets at random, while in computing systems, monoculture creates more incentive for attack because the results will be all the more spectacular. On the other hand, it might be argued that cyber-monoculture has arisen via nat- ural selection—providers with the best security prod- ucts have survived to dominate the market. Given the dismal state of computer security today, this argument is not particularly persuasive. Although cyber-diversity evidently provides secu- rity benefits, why do we live in an era of relative com- puting monoculture? The first-to-market advantage and the ready availability of support for popular prod- ucts are examples of incentives that work against diversity. The net result is a “tragedy of the (security) commons” phenomenon—the security of the Internet as a whole could benefit from increased diversity, but individuals have incentives for monoculture. It is unclear how proposals aimed at improving com- puting security might affect cyber-diversity. For exam- ple, increased liability for software providers is often suggested as a market-oriented approach to improved security. However, such an approach might favor those with the deepest pockets, leading to less diversity. Although some cyber-diversity is good, is more diversity better? Virus writers in particular have used diversity to their advantage; polymorphic viruses are currently in vogue. Such viruses are generally encrypted with a weak cipher, using a new key each time the virus propagates, thus confounding signature-based detection. However, because the decryption routine cannot be encrypted, detection is still possible. Virus writers are on the verge of unleashing so-called metamorphic viruses, where the body of the virus itself changes each time it propa- gates. This results in viruses that are functionally equivalent, with each instance of the virus containing distinct software. Detection of metamorphic viruses will be extremely challenging. Is there defensive value in software diversity of the metamorphic type? Suppose we produce a piece of software that contains a common vulnerability, say, a buffer overflow. If we simply clone the software—as is standard practice—each copy will contain an iden- tical vulnerability, and hence an identical attack will succeed against each clone. Instead, suppose we cre- ate metamorphic instances, where all instances are functionally equivalent, but each contains signifi- cantly different code. Even if each instance still con- tains the buffer overflow, an attacker will probably need to craft multiple attacks for multiple instances. The damage inflicted by any individual attack would thereby be reduced and the complexity of a large- scale attack would be correspondingly increased. Fur- thermore, a targeted attack on any one instance would be at least as difficult as in the cloning case. Common protocols and standards are necessary in order for networked communication to succeed and, clearly, diversity cannot be applied to such areas of commonality. For example, diversity cannot help pre- vent a protocol-level attack such as TCP SYN flooding. But diversity can help mitigate implementation-level attacks, such as exploiting buffer overflows. As with many security-related issues, quantifying the potential benefits of diversity is challenging. In addition, meta- morphic diversity raises significant questions regarding software development, performance, and maintenance. In spite of these limitations and concerns, there is con- siderable interest in cyber-diversity, both within the research community and in industry; for an example of the former, see www.newswise.com/articles/view/502136/ and for examples of the latter, see the Cloakware.com Web site or Microsoft’s discussion of individualization in the Windows Media Rights Manager. Mark Stamp (stamp@cs.sjsu.edu), an assistant professor of computer science at San Jose State University, recently spent two years working on diverse software for MediaSnap, Inc. c Risks of Monoculture PAULWATSON Inside Risks Mark Stamp
  • 9. Software diversity • In operating systems • Seminal papers in the 1990’s • Fred Cohen 1993 « Operating system protection through program evolution » • Stephanie Forrest 1997 « Building Diverse Computer Systems » • For security purposes • mitigate code injection, buffer overflows 9
  • 10. Instruction set randomization 10 Encryption Key Compile Load In memory Execution Decryption Key Randomized instruction set emulation. EG Barrantes, DH Ackley, S Forrest, D Stefanović. ACM TISSEC, 8 (1), 3-40
  • 11. Software diversity • Address space layout randomization • randomize binary addresses at load time • a program’s address space is different on each machine • Deployed in all mainstream operating systems • Effective against buffer overflows 11
  • 13. Software monoculture today • Continues growing in upper levels of the software stack • libraries, frameworks, IDEs, CMS, search engine, browser, etc. • Pushed by GOOD reasons • software engineering practices: " modularity and reuse • compatibility and interoperability • maintenance and evolution costs reduction • economical motivations 13 virtual machines operating system frameworks HAL libraries applications
  • 14. The case of Wordpress • CMS monoculture • March 2014: more than 20% of 500000 top site use Wordpress • Plugins monoculture • 64% use the Akismet plugin • 23% use Jetpack, known to have an SQL injection vulnerability 14 “Multi-tier diversification in Internet-based software applications”. Simon Allier, Olivier Barais, Benoit Baudry, Johann Bourcier, Erwan Daubert, Franck Fleurey, Martin Monperrus, Hui Song, Maxime Tricoire. To appear in IEEE Software, Jan 2015
  • 15. The case of Wordpress 15 110000 web sites mean of 5 plugins per site
  • 27. Apps 27 Huge reservoir of functionally similar software solutions
  • 28. Yet, software systems remain highly homogeneous 28
  • 29. Take-away • Software monocultures exist • at a very large scale • in application level code • Software diversity exists • machine-code level • Alternative software solutions emerge • must be exploited • Next challenge: diversify applications in a proactive/automatic way 29
  • 30. Our claim MDE and SBSE can spur aplication software diversity radiation 30
  • 32. Server side software stack 32 RingoJS Rhino MDMS JVM RedisDB OS
  • 33. Server side deployment 33 Nginx load balancer http request Internet config 0 Monoculture deployment of MDMS config 0 config 0 config 0config 0config 0
  • 34. Server side deployment 34 Nginx load balancer http request Internet config 1 config 2 config 3 config 4 config 5 config 6 Multi-diversified deployment of MDMS diverse JS interpreters diverse JVMs diverse OSs diverse clouds
  • 35. Where models can support diversification 35 Nginx load balancer http request Internet config 1 config 2 config 3 config 4 config 5 config 6 Multi-diversified deployment of MDMS formal dependencies trade-off between diversity and other criteria Models provide abstractions to formalize the space for diversification and sustain software diversity, system- wise, over time
  • 36. Searching for diverse architectures • A reservoir of software diversity • natural diversity of OS or JVM • automatic diversification of the JS interpreter • Automatic reasoning on the architecture • find valid, diverse deployment architectures • Actual deployment of a diverse architecture • deploy the solution on a distributed setting 36
  • 37. Synthesizing a diversity reservoir • Sosies • a sosie program is a variant of a program that passes the same test suite • Synthesized thousands of sosies • deleting or adding / replacing statements by others from the same program • Synthesized 843 RingoJS sosies • that can be executed from the MDMS client 37 “Tailored Source Code Transformations to Synthesize Computationally Diverse Program Variants”. Benoit Baudry Simon Allier, Martin Monperrus. ISSTA 2014
  • 38. Architecture modeling 38 • Component-based software engineering Node 1 Load Balancer Node 2 MdMS Node 3 MdMS Node 4 MdMS JVM = HotSpot JVM = HotSpot JVM = HotSpot
  • 39. Node 1 Load Balancer Node 2 MdMS Node 3 MdMS Node 4 MdMS JVM = OpenJDK JVM = JRockit JVM = HotSpot Architecture modeling
  • 40. Architecture modeling •  Component •  Code unit •  I/O ports •  Channel •  Communication between components •  Node •  Execution platform for components •  Group •  Group nodes together to have a consistent model
  • 41. Kevoree for distributed deployment • An open-source framework • A structural model that represents the distributed running system and that can be synchronized in both directions on-demand On- demand synchroni zation
  • 42. Kevoree for distributed deployment 42 4 2
  • 43. Synthesizing software architecture • Given a reservoir of diverse software components • natural diversity of VMs, JVMs, machines • automatic diversity: sosie RingoJS • What is the the good trade-off between • capacity • cost • diversity: need to estimate ‘good’ diversity 43
  • 44. Polymer Framework • Polymer • Open-source framework to enable runtime usage of SBSE techniques • Works to make SSBSE usable @Runtime • Define dedicated domains, actions, fitness • Find heuristics to converge faster to acceptable tradeoffs
  • 45. Polymer • Leverage the KMF framework to reason on domain models • Mutation, Fitness, and crossover are defined as model transformation • Multi-objectives • Extensible framework • Define your own model, your own operators, your own fitnesses, define your own search algorithm Implemented algorithms : Genetic (MOEAd, NSGAII), Greedy (progression each steps), Local Full Search
  • 46. Node Concrete domain example Cloud JVM : EString O..* nodes id : EString Component O..* components name: EString Load Balancer MdMS sosie: EString
  • 47. Domain model id:EString JVM: EString Node Cloud name: EString Component sosie: EString MDMS LoadBalancer 0..*components 0..* nodes
  • 48. Polymer usage GeneticEngine<Cloud> engine = new GeneticEngine<Cloud>(); engine.setAlgorithm(GeneticAlgorithm.EpsilonCrowdingNSGII); engine.addOperator(new AddNodeMutator()); engine.addOperator(new RemoveNodeMutator()); engine.addOperator(new AddComponentMutator()); … engine.addFitnessFuntion(new CloudCostFitness()); engine.addFitnessFuntion(new CloudCapacityFitness()); engine.addFitnessFuntion(new CloudDiversityFitness()); … engine.setMaxGeneration(300); engine.run(); The model to use The Search algorithm to use The mutation operators to use The fitnesses to use Fix search parameters Run
  • 50. Defining the cost Fitness function evaluate(cloud : CloudModel) : Double { ... return sum(cloud.getNodes.price); ... } Usage of model elements
  • 51. Defining the capacity Fitness function evaluate(cloud : CloudModel) : Double { ... return sum(cloud.getNodes.capacity); ... } Usage of model elements
  • 52. Defining the Diversity Fitness function evaluate(cloud : CloudModel) : Double { ... return extinctionSequence(cloud); ... } This function computes a value corresponding to the extinction sequence of the cloud given in parameters Usage of model elements
  • 53. Diversity fitness: robustness Percentage  of  plant  species  deleted:    ex$nc$on  sequence   Memmo4  et  al.  2004   Robustness: how fast extinctions lead to collapse of other species (secondary extinctions) Percentage  of  remaining  species  
  • 54. Extinction sequence algorithm 1.  While the application still provides a service 1.  We select a specific component A •  Such as a specific sosies of MdMS 2.  We kill all the instances of A 3.  We evaluate the capacity of the system to serve user request and incrementally draw a curve 2.  We measure the area behind the curve to determine the robustness of the system
  • 55. Robustness Measurement • Quantifies the resistance of the graph to random perturbations • Reports the change in apps alive as the platforms are individually killed • Robust networks allow the maximum amount of apps to remain alive in the face of systemic platform death 55
  • 56. Conclusion • Software monocultures grow at all levels in software stacks • for good engineering and business reasons • MDE and SBSE can be key enablers to balance this natural phenomenon • abstractions that characterize the diverse components • search-based techniques that sustain diversity 56
  • 57. References •  « Multi-tier diversification in Internet-based software applications ». Simon Allier, Olivier Barais, Benoit Baudry, Johann Bourcier, Erwan Daubert, Franck Fleurey, Martin Monperrus, Hui Song, Maxime Tricoire. To appear in IEEE Software, Jan 2015 •  « Tailored source code transformations to synthesize computationally diverse program variants ». Benoit Baudry, Simon Allier, and Martin Monperrus. ISSTA 2014. •  « Optimizing Multi-Objective Evolutionary Algorithms to enable Quality- Aware Software Provisioning ». Donia El Kateb, Francois Fouquet, Johann Bourcier, Yves Le Traon. QSIC 2014 •  http://kevoree.org/polymer/ •  http://kevoree.org/ •  https://github.com/INRIA/spoon •  http://diversify-project.eu/ 57