The Monoculture Risk Put into Context

Authors: Kenneth P. Birman, Fred B. Schneider
DOI: 10.1109/MSP.2009.24
Citations: 4
Conventional wisdom holds that software monocultures are exceptionally vulnerable to malware outbreaks. The authors argue that this oversimplifies and misleads. An analysis based on attacker reactions suggests that deploying a monoculture in conjunction with automated diversity is indeed a very sensible defense.
Journal: IEEE Security & Privacy, vol. 7, no. 1, pp. 14-17, 2009
    • ...In addition, interoperability and standardization is easier to be achieved and maintained in a monoculture [2]...
    • ...In a monoculture, when a piece of malware manages to intrude in one member of the monoculture, in a similar way it can affect the rest of them because all share the same vulnerabilities [1, 3]. Currently, there is a great controversy whether the benefits of cyberdiversity could be overshadowed by its side-effects [1 - 8]...
    • ...Several position papers that assess the value of cyberdiversity have been lately published [1 - 8]. Also, there are numerous papers that present various methods for the automated introduction of cyberdiversity into source or binary code...

    Konstantinos Kravvaritis et al. Cyberdiversity: Measures and Initial Results

    • ...(For other forms of ‘non-technological’ attacks, see [5].) Code injection attacks exploit such an error to achieve (1) injecting malicious code, and (2) changing existing control information (e.g., return address) to have the code executed...
    • ...As pointed out in [5] and [8], these randomization techniques offer not just efficient defences against intrusions but also cost-effective means of injecting diversity within a replicated system...

    Dylan Clarke et al. Assessing the attack resilience capabilities of a fortified primary-ba...

    • ...However, in [4], Birman and Schneider argue that the risk of monocultures may be overstated because of the many different environments in which software products are installed...

    C. Warren Axelrod. Risks of unrecognized commonalities in information technology supply c...

    • ...At the same time, the debate about the monoculture approach of IT management has resurfaced [7]...
    • ..."It is believed that a collection of identical computing platforms is easier, hence cheaper, to manage because making one set of configuration decisions suffices for all." Some [7] argue that deploying a monoculture could be a good defense if the configurations used are well tested and well understood...
    • ...Those that believe the latter have suggested introducing artificial diversity to confuse attackers ([7,9,26,27])...
    • ...Here, with full-diversity, the bulk of the user population has an FP rate of about 0.01, but the detection rates are wildly different across the hosts (most between [0.3,0.7])...
    • ...7. CONCLUSIONS AND FUTURE WORK...

    Dhiman Barman et al. Impact of IT monoculture on behavioral end host intrusion detection
