Addressing the monoculture

@article{Goth2003AddressingTM,
  title={Addressing the monoculture},
  author={Greg Goth},
  journal={IEEE Security \& Privacy Magazine},
  year={2003},
  volume={99},
  pages={8-10}
}
  • G. Goth
  • Published 1 November 2003
  • Computer Science
  • IEEE Security & Privacy Magazine
8 PUBLISHED BY THE IEEE COMPUTER SOCIETY 1540-7993/03/$17.00 © 2003 IEEE IEEE SECURITY & PRIVACY A new term has bubbled out of the specialized arena of academic nomenclature and into the mainstream, from daily newspaper columns to transcripts of Congressional hearings. That term is “monoculture.” According to some of the leading computer-security experts in the US, the dominance of Microsoft’s Windows operating system has created an unsafe monoculture, in which critical networks and… 

Software Self-Healing Using Collaborative Application Communities

The concept of Application Communities is introduced and it is shown that ACs are practical and feasible for current applications: an AC of 15,000 members can collaboratively monitor Apache for new faults and immunize all members against them with only a 6% performance degradation for each member.

Towards a Theory of Software Diversity for Security

This thesis provides a framework for investigating software diversity in the context of security by proposing a simple model of a software ecosystem using sets of hosts and vulnerabilities represented as a bipartite graph and exhibiting a few examples of software security problems formulated precisely enough in this model to admit rigorous analysis.

Security through network-wide diversity assignment

This dissertation makes diversity a viable security strategy despite the limited number of diverse systems, and shows that the attack tolerance of the algorithms can be increased by presenting an attacker with a diversity of graph coloring algorithms.

A Survey of Randomization Techniques Against Common Mode Attacks

This paper examines some of the most significant proposed approaches to the introduction of artificial diversity in systems as a means for countering common mode attacks in software systems.

Automatic Diversity in the Software Supply Chain

ARGO, a proof-of-concept implementation of a Library Substitution Framework that harnesses the diversity of JSON suppliers, is developed and empirical results show the capacity of the framework to diversify the supply chain of the client applications of the libraries it targets.

Application communities: using monoculture for dependability

A set of parameters that define an Application Communities (AC) are proposed and the tradeoffs between the minimal size of an AC, the marginal overhead imposed on each member, and the speed with which new faults are detected are explored.

Cyberdiversity: Measures and Initial Results

A novel approach is introduced that measures the existing diversity in software by collecting specific information and then process it in order to find distinct similarities or differences within software.

Software diversity as a defense against viral propagation: models and simulations

It is shown that one can increase the epidemic threshold of a network even with a naive, random distribution of diverse software on the nodes of anetwork, and the value of strategic topology-sensitive assignment of diversity to improving the tolerance of a networks to malcode propagation is confirmed.

Software self-healing using error virtualization

This dissertation introduces and evaluates a set of techniques for recovering program execution in the presence of faults by effectively retrofitting legacy applications with exception handling techniques, Error Virtualization and ASSURE, and describes two deployment mechanisms that can reduce the cost of monitoring the application and, in turn, enable efficient deployment strategies for error virtualization systems.

On the Evolution of Malware Species

The departure of the democratic virus writing model in which even moderate programmers managed to create successful virus strains to an entirely aristocratic ecosystem of highly evolved malcode is demonstrated.