Automated and Adaptive Diversity for Improving Computer System Security
PI: Stephanie Forrest
Abstract: Diversity is an important source of robustness in biological systems. Because each individual has slightly different properties, it is unlikely that any single pathogen will eliminate or escape the entire population. By contrast, today's computer systems are largely homogeneous, being overwhelmingly dominated by one or two operating systems and a few common applications from a handful of software vendors. This fact is routinely exploited by attackers via Internet worms such as Code Red, which infected over 250,000 systems in just nine hours using a single buffer overflow vulnerability.
The project will develop methods for diversifying computer systems automatically and systematically -- exploring diversity at various levels of a system and for various purposes, e.g., to make a system more difficult to compromise, to make a system more difficult to damage even after a successful compromise, and to make it more difficult for a successful compromise to evade detection. In order to succeed, many of the mechanisms explored in this work must hide or disguise information about system specifics from an attacker, and this theme will underlie several of the projects.
