DMVX: Secure and Efficient Multi-Variant Execution in a Distributed Setting

Alexios Voulimeneas, Dokyung Song, Per Larsen, Michael Franz, Stijn Volckaert

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Citations (Scopus)


Multi-variant execution (MVX) systems amplify the effectiveness of software diversity techniques. The key idea is to run multiple diversified program variants in lockstep while providing them with the same input and monitoring their run-time behavior for divergences. Thus, adversaries have to compromise all program variants simultaneously to mount an attack successfully. Recent work proposed distributed, heterogeneous MVX systems that leverage different ABIs and ISAs to increase the diversity between program variants further. However, existing distributed MVX system designs suffer from high performance overhead due to time-consuming network transactions required for the MVX operations. This paper presents dMVX, a novel hybrid distributed MVX design, which incorporates new techniques that significantly reduce the overhead of MVX systems in a distributed setting. Our key insight is that we can intelligently reduce the MVX operations that use expensive network transfers. First, we can limit the monitoring of system calls that are not security-critical. Second, we observe that, in many circumstances, we can also safely avoid replication operations needed for I/O related system calls. Our evaluation shows that dMVX reduces the performance degradation from over 50% to 3.1% for realistic server benchmarks.

Original languageEnglish
Title of host publicationEuroSec 2021 - Proceedings of the 14th European Workshop on Systems
PublisherAssociation for Computing Machinery, Inc
Number of pages7
ISBN (Electronic)9781450383370
Publication statusPublished - 2021 Apr 26
Event14th European Workshop on Systems, EuroSec 2021 - Virtual, Online, United Kingdom
Duration: 2021 Apr 26 → …

Publication series

NameEuroSec 2021 - Proceedings of the 14th European Workshop on Systems


Conference14th European Workshop on Systems, EuroSec 2021
Country/TerritoryUnited Kingdom
CityVirtual, Online
Period21/4/26 → …

Bibliographical note

Funding Information:
The authors thank Manolis Stamatogiannakis, Adrian Dabrowski, Jonas Vinck, Ruben Mechelinck and our reviewers. This material is based upon work partially supported by the Defense Advanced Research Projects Agency under contract N6600120C4027, and by the United States Office of Naval Research under contract N00014-17-1-2782. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the authors and do not necessarily reflect the views of the Defense Advanced Research Projects Agency or its Contracting Agents, the Office of Naval Research or its Contracting Agents, or any other agency of the U.S. Government.

Publisher Copyright:
© 2021 ACM.

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Hardware and Architecture
  • Safety, Risk, Reliability and Quality


Dive into the research topics of 'DMVX: Secure and Efficient Multi-Variant Execution in a Distributed Setting'. Together they form a unique fingerprint.

Cite this