Distributed Heterogeneous N-Variant Execution

Alexios Voulimeneas, Dokyung Song, Fabian Parzefall, Yeoul Na, Per Larsen, Michael Franz, Stijn Volckaert

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

N-Variant Execution (NVX) systems utilize artificial diversity techniques to enhance software security. The general idea is to run multiple different variants of the same program alongside each other while monitoring their diverging behavior on a malicious input. Existing NVX systems execute diversified program variants on a single host. This means the level of inter-variant diversity will be limited to what a single platform can offer, without costly emulation. This paper presents DMON, a novel distributed NVX design that executes native program variants across multiple heterogeneous hosts. Our approach greatly increases the level of diversity between the simultaneously running variants that can be supported, encompassing different ISAs and ABIs. Our evaluation shows that DMON can provide comparable performance to traditional, non-distributed NVX systems, while enhancing security.

Original languageEnglish
Title of host publicationDetection of Intrusions and Malware, and Vulnerability Assessment - 17th International Conference, DIMVA 2020, Proceedings
EditorsClémentine Maurice, Leyla Bilge, Gianluca Stringhini, Nuno Neves
PublisherSpringer
Pages217-237
Number of pages21
ISBN (Print)9783030526825
DOIs
Publication statusPublished - 2020
Event17th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2020 - Lisbon, Portugal
Duration: 2020 Jun 242020 Jun 26

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume12223 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

Conference17th International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2020
CountryPortugal
CityLisbon
Period20/6/2420/6/26

Bibliographical note

Funding Information:
The authors thank Kostis Kaffes, Marios Pomonis, Georgios Detorakis, Lefteris Kokoris-Kogias, Anil Altinay, Mohaned Qunaibit, Paul Kirth, David Gens, Adrian Dabrowski and our reviewers. This material is based upon work partially supported by the Defense Advanced Research Projects Agency under contract FA8750-16-C-0260, by the United States Office of Naval Research under contract N00014-17-1-2782, and by the National Science Foundation under award CNS-161921. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the Defense Advanced Research Projects Agency or its Contracting Agents, the Office of Naval Research or its Contracting Agents, the National Science Foundation, or any other agency of the U.S. Government.

Publisher Copyright:
© 2020, Springer Nature Switzerland AG.

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Distributed Heterogeneous N-Variant Execution'. Together they form a unique fingerprint.

Cite this