Visible to the public Multidimensional Diversity Employment for Software Behavior Encryption

TitleMultidimensional Diversity Employment for Software Behavior Encryption
Publication TypeConference Paper
Year of Publication2014
AuthorsAzab, M.
Conference NameNew Technologies, Mobility and Security (NTMS), 2014 6th International Conference on
Date PublishedMarch
Keywordsautonomic failure recovery mechanism, avalanche effect percentage, behaviorally-mutated functionally-equivalent code variants, CBE mechanism, ChameleonSoft Behavior Encryption, ChameleonSoft recovery mechanisms, computational complexity, computational cost, confusion levels, cryptography, diffusion levels, Employment, Encryption, moving target defense, multidimensional software diversity employment, multidimensional systems, online programmable software-execution foundation separating logic, resilience, Runtime, security level, security provisioning, Software, software fault tolerance, software monoculture, Spatiotemporal phenomena, spatiotemporal software behavior encryption, System recovery, system resilience
Abstract

Modern cyber systems and their integration with the infrastructure has a clear effect on the productivity and quality of life immensely. Their involvement in our daily life elevate the need for means to insure their resilience against attacks and failure. One major threat is the software monoculture. Latest research work demonstrated the danger of software monoculture and presented diversity to reduce the attack surface. In this paper, we propose ChameleonSoft, a multidimensional software diversity employment to, in effect, induce spatiotemporal software behavior encryption and a moving target defense. ChameleonSoft introduces a loosely coupled, online programmable software-execution foundation separating logic, state and physical resources. The elastic construction of the foundation enabled ChameleonSoft to define running software as a set of behaviorally-mutated functionally-equivalent code variants. ChameleonSoft intelligently Shuffle, at runtime, these variants while changing their physical location inducing untraceable confusion and diffusion enough to encrypt the execution behavior of the running software. ChameleonSoft is also equipped with an autonomic failure recovery mechanism for enhanced resilience. In order to test the applicability of the proposed approach, we present a prototype of the ChameleonSoft Behavior Encryption (CBE) and recovery mechanisms. Further, using analysis and simulation, we study the performance and security aspects of the proposed system. This study aims to assess the provisioned level of security by measuring the avalanche effect percentage and the induced confusion and diffusion levels to evaluate the strength of the CBE mechanism. Further, we compute the computational cost of security provisioning and enhancing system resilience.

DOI10.1109/NTMS.2014.6814033
Citation Key6814033