Multidimensional Diversity Employment for Software Behavior Encryption
Title | Multidimensional Diversity Employment for Software Behavior Encryption |
Publication Type | Conference Paper |
Year of Publication | 2014 |
Authors | Azab, M. |
Conference Name | New Technologies, Mobility and Security (NTMS), 2014 6th International Conference on |
Date Published | March |
Keywords | autonomic failure recovery mechanism, avalanche effect percentage, behaviorally-mutated functionally-equivalent code variants, CBE mechanism, ChameleonSoft Behavior Encryption, ChameleonSoft recovery mechanisms, computational complexity, computational cost, confusion levels, cryptography, diffusion levels, Employment, Encryption, moving target defense, multidimensional software diversity employment, multidimensional systems, online programmable software-execution foundation separating logic, resilience, Runtime, security level, security provisioning, Software, software fault tolerance, software monoculture, Spatiotemporal phenomena, spatiotemporal software behavior encryption, System recovery, system resilience |
Abstract | Modern cyber systems and their integration with the infrastructure have a clear, immense effect on productivity and quality of life. Their involvement in our daily life elevates the need for means to ensure their resilience against attacks and failure. One major threat is the software monoculture. The latest research work demonstrated the danger of software monoculture and presented diversity to reduce the attack surface. In this paper, we propose ChameleonSoft, a multidimensional software diversity employment to, in effect, induce spatiotemporal software behavior encryption and a moving target defense. ChameleonSoft introduces a loosely coupled, online programmable software-execution foundation separating logic, state and physical resources. The elastic construction of the foundation enabled ChameleonSoft to define running software as a set of behaviorally-mutated functionally-equivalent code variants. ChameleonSoft intelligently shuffles, at runtime, these variants while changing their physical location, inducing untraceable confusion and diffusion enough to encrypt the execution behavior of the running software. ChameleonSoft is also equipped with an autonomic failure recovery mechanism for enhanced resilience. In order to test the applicability of the proposed approach, we present a prototype of the ChameleonSoft Behavior Encryption (CBE) and recovery mechanisms. Further, using analysis and simulation, we study the performance and security aspects of the proposed system. This study aims to assess the provisioned level of security by measuring the avalanche effect percentage and the induced confusion and diffusion levels to evaluate the strength of the CBE mechanism. Further, we compute the computational cost of security provisioning and enhancing system resilience. |
DOI | 10.1109/NTMS.2014.6814033 |
Citation Key | 6814033 |