Security through redundant data diversity

14 years 6 months ago

Download www.cs.virginia.edu

Unlike other diversity-based approaches, N-variant systems thwart attacks without requiring secrets. Instead, they use redundancy (to require an attacker to simultaneously compromise multiple variants with the same input) and tailored diversity (to make it impossible to compromise all the variants with the same input for given attack classes). In this work, we develop a method for using data diversity in N-variant systems to provide high-assurance arguments against a class of data corruption attacks. Data is transformed in the variants so identical concrete data values have different interpretations. In order to corrupt the data without detection, an attacker would need to alter the corresponding data in each variant in a different way while sending the same inputs to all variants. We demonstrate our approach with a case study using that thwarts attacks that corrupt UID values.

Anh Nguyen-Tuong, David Evans, John C. Knight, Ben

Real-time Traffic

Computer Networks | Data Corruption Attacks | DSN 2008 | N-variant Systems | Systems Thwart Attacks |

claim paper

Post Info
More Details (n/a)

Added	29 May 2010
Updated	29 May 2010
Type	Conference
Year	2008
Where	DSN
Authors	Anh Nguyen-Tuong, David Evans, John C. Knight, Benjamin Cox, Jack W. Davidson

Comments (0)

Sciweavers

Security through redundant data diversity

Computer Networks | Data Corruption Attacks | DSN 2008 | N-variant Systems | Systems Thwart Attacks |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers