Quantifying Cybersecurity Effectiveness of Software Diversity

11/19/2021
by Huashan Chen, et al.

The deployment of monoculture software stacks can lead to devastating damage from even a single exploit against a single vulnerability. Inspired by the resilience benefit of biological diversity, the concept of software diversity has been proposed in the security domain. Although it is intuitive that software diversity may enhance security, its effectiveness has not been quantitatively investigated. Currently, no theoretical or empirical study has measured the security effectiveness of network diversity. In this paper, we take a first step towards ultimately tackling the problem. We propose a systematic framework that can model and quantify the security effectiveness of network diversity. We conduct simulations to demonstrate the usefulness of the framework. Contrary to the intuitive belief, we show that diversity does not necessarily improve security from a whole-network perspective. The root cause of this phenomenon is that the degree of vulnerability in diversified software implementations plays a critical role in determining the security effectiveness of software diversity.
