slide1
Download
Skip this Video
Download Presentation
Trusted Systems Laboratory Hewlett-Packard Laboratories Bristol, UK

Loading in 2 Seconds...

play fullscreen
1 / 27

Trusted Systems Laboratory Hewlett-Packard Laboratories Bristol, UK - PowerPoint PPT Presentation


  • 180 Views
  • Uploaded on

Reducing Risks of Widespread Faults and Attacks for Commercial Applications: Towards Diversity Of Software Components. Marco Casassa Mont Adrian Baldwin Yolanta Beres Keith Harrison Martin Sadler Simon Shiu. Trusted Systems Laboratory Hewlett-Packard Laboratories Bristol, UK.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Trusted Systems Laboratory Hewlett-Packard Laboratories Bristol, UK' - menora


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

Reducing Risks of Widespread

Faults and Attacks for

Commercial Applications:

Towards Diversity

Of Software Components

Marco Casassa Mont

Adrian Baldwin

Yolanta Beres

Keith Harrison

Martin Sadler

Simon Shiu

Trusted Systems Laboratory

Hewlett-Packard Laboratories

Bristol, UK

COMPSAC 2002

Oxford,26-29 August 2002

slide2

Outline

  • Recent Trends in Commercial Software
  • Problem: Large Scale Attacks and Faults due to
  • Lack of Software Diversity
  • Software Diversity: Current Approaches
  • An Alternative Approach to Diversity
  • Work in Progress: Experiments …
  • Conclusions
slide5

Problem

Lack of Diversity of

Commercial Software

with Large Installation base

slide6

Software Diversity:

Current Approaches

slide7

SW

Version 1

SW

Version 2

Decision

Algorithms,

Voting

SW

Version 3

Software Diversity:

Current Approaches

slide8

SW

Version 1

SW

Version 2

Decision

Algorithms,

Voting

SW

Version 3

Software Diversity:

Current Approaches

slide9

Software Diversity:

Current Approaches

slide12

Requirements vs.

Prior Art Solutions

slide13

Commercial Software

foundation classes

(.NET, JDK, …)

.dlls

.class

  • Usually Made of Components
  • Components have well defined Interfaces (APIs)
slide14

Proposed Approach

Diversity at the Installation Time

slide15

Proposed Approach

Diversity at the Installation Time

Component X

Implementation 2

Implementation 1

Implementation 3

SW Installation

Implementation 2

slide16

Software

A: A.1, A.2

B: B.1

C: C.1, C.2, C.3

Multiple

Available

Implementations

Installation

Script

Software

Components

A B C

Software

Installer

Random-selector

Module

Installation

Knowledge

base

Installation

Engine

Installation 1

Installation 2

Persistent

Configuration

File

A.2

B.1

C.3

A.1

B.1

C.2

Model

Installation

Package

Installed

Software

slide17

Variants of the Model

For Organisations, Enterprises, etc.:

slide19

Experiments

  • We Built a Simulator to Experiment about the Effectiveness
  • of the Proposed Model.
  • Scenario: Large Population of Systems Under Attack by a
  • Worm with a Behaviour Similar to Code Red
  • Setting: Creation of a Number of Virtual Machines (6000)
  • each with an IP Address and a List of the Installed
  • Components
slide20

Component

Implementations

Time

Experiment #1

  • Hypothesis: Only 1 Type of Component is Infectable by the Virus
  • Progressively Increase the Diversity of the Targeted Component
  • (Number Of Alternative Implementations: Ranging from 1 to 6)
slide21

Implementation

Implementations

Implementations

Time

Experiment #2

  • Hypothesis: All Component Implementations are Infectable by the Virus
  • Multiple Attack Strategies of the Virus, each Targeting a Specific
  • Implementation
  • Increase the Diversity of the Targeted Component
  • (Number Of Alternative Implementations: Ranging from 1 to 3)
slide26

Conclusions

1. Importance of Addressing the Lack of Diversity for Widely

Deployed Commercial Software.

2. Importance of Effectively Protecting a Large Population of

Systems as a Whole Entity, rather than Single Systems.

3. We Propose an Alternative Model for Diversity based on Multiple Implementations of Critical Components and Their Random Installation, at the Deployment time: No Need for Additional Resources.

4. Work in Progress: we are Learning by making more

Experiments and Real Development of Applications based on

our Method …

ad