Multi-objective software assignment for active cyber defense

Software diversity is a well-accepted security principle for active cyber defense against the spread of Internet worms and other malicious attacks. In recent years, various software assignment techniques have been designed to introduce heterogeneity into network hosts for the maximum network survivability. However, few work consider practical constraints involved in the software assignment process. To close such a gap, in this work we model the software assignment problem as a multi-objective optimization problem, which incorporates several real-world criteria simultaneously, including network survivability, system feasibility and usability. To solves this multi-objective problem efficiently, we propose an ant colony optimization (ACO) based algorithm, where colonies of artificial ants work collaboratively through both heuristic information and pheromone-mediated communication to iteratively search for better solutions. To validate the generalizability of the proposed method, we experiment our algorithm on various types of network topologies with different parameter settings. The results show that our model can be applied as an effective method for assigning software for multiple objectives. The experimental results also provide interesting insights for optimal software assignment.

[1]  E. Salari,et al.  An ACO algorithm for graph coloring problem , 2005, 2005 ICSC Congress on Computational Intelligence Methods and Applications.

[2]  Sencun Zhu,et al.  Improving sensor network immunity under worm attacks: A software diversity approach , 2016, Ad Hoc Networks.

[3]  Lothar Thiele,et al.  Multiobjective evolutionary algorithms: a comparative case study and the strength Pareto approach , 1999, IEEE Trans. Evol. Comput..

[4]  Vyacheslav S. Kharchenko,et al.  Using Diversity in Cloud-Based Deployment Environment to Avoid Intrusions , 2011, SERENE.

[5]  Frederick B. Cohen,et al.  Operating system protection through program evolution , 1993, Comput. Secur..

[6]  Ieee Staff,et al.  2013 IEEE Conference on Communications and Network Security (CNS) , 2013 .

[7]  Eric Totel,et al.  COTS Diversity Based Intrusion Detection and Application to Web Servers , 2005, RAID.

[8]  Harish Sethu,et al.  On achieving software diversity for improved network security using distributed coloring algorithms , 2004, CCS '04.

[9]  Marco Dorigo,et al.  Distributed Optimization by Ant Colonies , 1992 .

[10]  Salim Hariri,et al.  Randomized Instruction Set Emulation To Disrupt Binary Code Injection Attacks , 2003 .

[11]  Paul H. Calamai,et al.  Exchange strategies for multiple Ant Colony System , 2007, Inf. Sci..

[12]  Angelos D. Keromytis,et al.  Countering code-injection attacks with instruction-set randomization , 2003, CCS '03.

[13]  Jia Wang,et al.  Would Diversity Really Increase the Robustness of the Routing Infrastructure against Software Defects? , 2008, NDSS.

[14]  David H. Ackley,et al.  Building diverse computer systems , 1997, Proceedings. The Sixth Workshop on Hot Topics in Operating Systems (Cat. No.97TB100133).

[15]  J. B. Brooke,et al.  SUS: A 'Quick and Dirty' Usability Scale , 1996 .

[16]  Daniel C. DuVarney,et al.  Address Obfuscation: An Efficient Approach to Combat a Broad Range of Memory Error Exploits , 2003, USENIX Security Symposium.

[17]  Sencun Zhu,et al.  Toward Software Diversity in Heterogeneous Networked Systems , 2014, DBSec.

[18]  Daniel C. DuVarney,et al.  Efficient Techniques for Comprehensive Protection from Memory Error Exploits , 2005, USENIX Security Symposium.

[19]  Nigel Bevan,et al.  Usability is Quality of Use , 1995 .

[20]  Javier Jaén Martínez,et al.  A grid ant colony algorithm for the orienteering problem , 2005, 2005 IEEE Congress on Evolutionary Computation.

[21]  Thomas Stützle,et al.  MAX-MIN Ant System , 2000, Future Gener. Comput. Syst..

[22]  Stephanie Forrest,et al.  Architecture for an Artificial Immune System , 2000, Evolutionary Computation.

[23]  Oscar Cordón,et al.  An Empirical Analysis of Multiple Objective Ant Colony Optimization Algorithms for the Bi-criteria TSP , 2004, ANTS Workshop.

[24]  Mauro Birattari,et al.  Dm63 Heuristics for Combinatorial Optimization Ant Colony Optimization Exercises Outline Ant Colony Optimization: the Metaheuristic Application Examples Generalized Assignment Problem (gap) Connection between Aco and Other Metaheuristics Encodings Capacited Vehicle Routing Linear Ordering Ant Colony , 2022 .

[25]  Marco Dorigo,et al.  Ant system: optimization by a colony of cooperating agents , 1996, IEEE Trans. Syst. Man Cybern. Part B.

[26]  Chandrasekharan Rajendran,et al.  Ant-colony algorithms for permutation flowshop scheduling to minimize makespan/total flowtime of jobs , 2004, Eur. J. Oper. Res..