Network Diversity: A Security Metric for Evaluating the Resilience of Networks Against Zero-Day Attacks

Diversity has long been regarded as a security mechanism for improving the resilience of software and networks against various attacks. More recently, diversity has found new applications in cloud computing security, moving target defense, and improving the robustness of network routing. However, most existing efforts rely on intuitive and imprecise notions of diversity, and the few existing models of diversity are mostly designed for a single system running diverse software replicas or variants. At a higher abstraction level, as a global property of the entire network, diversity and its effect on security have received limited attention. In this paper, we take the first step toward formally modeling network diversity as a security metric by designing and evaluating a series of diversity metrics. In particular, we first devise a biodiversity-inspired metric based on the effective number of distinct resources. We then propose two complementary diversity metrics, based on the least and the average attacking efforts, respectively. We provide guidelines for instantiating the proposed metrics and present a case study on estimating software diversity. Finally, we evaluate the proposed metrics through simulation.
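The "effective number of distinct resources" named in the abstract is the biodiversity notion of Hill (1973): the number of equally common species that would give the same diversity as the observed, uneven distribution. The block below is an added example, not code from the paper, and it assumes the simplest instantiation: resources are software instances an attacker would need a distinct exploit for, the diversity of a network is the Hill number of their proportions, and a normalized score divides that by the total number of instances. The paper's own normalization and its similarity-aware variant may differ; the inventories are constructed.

```python
"""Effective number of distinct resources (Hill numbers) over a host inventory.

Added example, not the paper's code. Hill number of order q:
    D_q = (sum_i p_i^q) ^ (1 / (1 - q)),   D_1 = exp(Shannon entropy)
q = 0 counts resource types (richness), q = 1 weights them by frequency,
q = 2 is the inverse Simpson index (probability two random instances differ).
The normalization by total instance count is an assumption for illustration.
"""
import math
from collections import Counter
from typing import Dict, List, Tuple

# Constructed inventories: (host, resource) pairs. A "resource" is a software
# instance for which a zero-day exploit would have to be found separately.
MONOCULTURE: List[Tuple[str, str]] = [
    ("web1", "apache-2.4"), ("web2", "apache-2.4"), ("web3", "apache-2.4"),
    ("web4", "apache-2.4"), ("db1", "mysql-5.7"),
]
DIVERSE: List[Tuple[str, str]] = [
    ("web1", "apache-2.4"), ("web2", "nginx-1.18"), ("web3", "iis-10"),
    ("web4", "lighttpd-1.4"), ("db1", "mysql-5.7"),
]


def resource_proportions(inventory: List[Tuple[str, str]]) -> Dict[str, float]:
    """Fraction of all resource instances accounted for by each resource type."""
    counts = Counter(resource for _, resource in inventory)
    total = sum(counts.values())
    return {resource: n / total for resource, n in counts.items()}


def hill_number(proportions: Dict[str, float], q: float = 1.0) -> float:
    """Effective number of resource types of order q (Hill 1973)."""
    probs = [p for p in proportions.values() if p > 0]
    if q == 1.0:
        # Limit q -> 1 is exp of the Shannon entropy (natural log).
        return math.exp(-sum(p * math.log(p) for p in probs))
    return sum(p ** q for p in probs) ** (1.0 / (1.0 - q))


def network_diversity(inventory: List[Tuple[str, str]], q: float = 1.0) -> float:
    """Assumed normalization: effective number / total instances, in (0, 1].

    1.0 means every instance is a different resource (one zero-day compromises
    one host); a value near 1/n means a single zero-day compromises everything.
    """
    return hill_number(resource_proportions(inventory), q) / len(inventory)


if __name__ == "__main__":
    for name, inv in (("monoculture", MONOCULTURE), ("diverse", DIVERSE)):
        props = resource_proportions(inv)
        print(f"{name}: D0={hill_number(props, 0):.2f} "
              f"D1={hill_number(props, 1):.2f} D2={hill_number(props, 2):.2f} "
              f"normalized(q=1)={network_diversity(inv, 1):.3f}")
```

Note what the richness count alone (q = 0) hides: the monoculture still has two resource types, but four of five hosts fall to the same Apache zero-day, so its frequency-weighted effective number is about 1.65, against 5 for the diverse network. That is the difference between counting distinct software and measuring how much a single unknown vulnerability buys the attacker.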
