Article

Heterogeneous networking: a new survivability paradigm

Authors:

Son K. DaoAuthors Info & Claims

NSPW '01: Proceedings of the 2001 workshop on New security paradigms

Pages 33 - 39

https://doi.org/10.1145/508171.508177

Published: 10 September 2001 Publication History

Get Access

Abstract

We believe that a network, to be survivable, must be heterogeneous. Just like a species that draws on a small gene pool can succumb to a single environmental threat, so a homogeneous network is vulnerable to a malicious attack that exploits a single weakness common to all of its components. In contrast, in a network in which each critical functionality is provided by a diverse set of protocols and implementations, attacks that focus on a weakness of one such protocol or implementation will not be able to bring down the entire network, even though all elements are not be bulletproof and even if some of components are compromised.Following this survivability through heterogeneity philosophy, we propose a new survivability paradigm, called heterogeneous networking, for improving a network's defense capabilities. Rather than following the current trend of converging towards single solutions to provide the desired functionality at every element of the network architecture, this methodology calls for systematically increasing the network's heterogeneity without sacrificing its interoperability.

References

[1]

A. Avizienis. The n-version aproach to fault-tolerant software. IEEE Transactions on Software Engineering, SE-11(12):1491-1501, December 1985.

Digital Library

Google Scholar

[2]

A. Avizienis and L. Chen. On the implementation of n-version programming for software fault-tolerance during program execution. In Proceedings of International Computer Software and Applications Conference, pages 149-155, 1977.

Google Scholar

[3]

C. Cowan and C. Pu. Immunix: Survivability through specialization. In Proceedings of SEI Information Survivability Workshop, San Diego, California, USA, February 1997.

Google Scholar

[4]

D. Eckhardt and L. Lee. A theoretical basis for the analysis of multiversion software subject to coincident errors. IEEE Transactions on Software Engineering, SE-11(12):1511-1517, 1985.

Digital Library

Google Scholar

[5]

R. Ellison, D. Fisher, R. Linger, H. Lipson, T. Longstaff, and N. Mead. Survivability: Protecting your critical systems. IEEE Internet Computing, 3(6):55-63, November/December 1999.

Digital Library

Google Scholar

[6]

S. Forrest, A. Somayaji, and D. Ackley. Building diverse computer systems. In Proceedings of the Sixth Workshop on Hot Topics in Operating Systems (HotOS-VI), pages 67-72, 1997.

Digital Library

Google Scholar

[7]

M. Joseph and A. Avizienis. A fault tolerance approach to computer viruses. In Proceedings of the 1988 IEEE Symposium on Security and Privacy, pages 52-58, Oakland, California, USA, April 1988.

Crossref

Google Scholar

[8]

J. C. Knight and N. G. Leveson. An experimental evaluation of the assumption of independence in multiversion programming. IEEE Transactions on Software Engineering, SE-12(1):96-109, January 1986.

Digital Library

Google Scholar

[9]

B. Littlewood, P. Popov, and L. Strigini. Modelling software design diversity - a review. ACM Computing Surveys, 33(2):177-208, June 2001.

Digital Library

Google Scholar

[10]

J. Millen. Local reconfiguration policies. In Proceedings of the 1999 IEEE Symposium on Security and Privacy, pages 48-56, Oakland, California, USA, May 1999.

Crossref

Google Scholar

[11]

S. Mitra, N. Saxena, and E. McCluskey. A design diversity metric and reliability analysis for redundant systems. In Proceedings of the 1999 International Test Conference, pages 662-671, Atlantic City, New Jersey, USA, September 1999.

Digital Library

Google Scholar

[12]

E. Shek, S. Dao, Y. Zhang, D. van Buer, and G. Giuffrida. Intelligent information dissemination services in hybrid satellite-wireless networks. ACM Mobile Networks and Applications (MONET) Journal, 5(4):273-284, December 2000.

Digital Library

Google Scholar

Cited By

View all

Chen HCam HXu S(2022)Quantifying Cybersecurity Effectiveness of Dynamic Network DiversityIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2021.310751419:6(3804-3821)Online publication date: 1-Nov-2022
https://doi.org/10.1109/TDSC.2021.3107514
Liu ZZhang ZXi RZhu PMa B(2022)SoK: A Survey on Redundant Execution Technology2021 International Conference on Advanced Computing and Endogenous Security10.1109/IEEECONF52377.2022.10013333(1-14)Online publication date: 21-Apr-2022
https://doi.org/10.1109/IEEECONF52377.2022.10013333
Prieto YFigueroa MPezoa J(2022)Guaranteeing Network Reliability to 0-Day Exploits Using Cost-Effective Heterogeneous Node MigrationIEEE Access10.1109/ACCESS.2022.321567510(111153-111170)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3215675
Show More Cited By

Index Terms

Heterogeneous networking: a new survivability paradigm

Recommendations

Analyzing effective mitigation of DDoS attack with software defined networking
Abstract
Distributed Denial of Service (DDoS) attack prevention research is mostly focused upon attack detection. Early attack detection facilitates the network administrator to quickly manage these attacks with least impact on the legitimate users. The ...
RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks

The motion of address resolution protocol (ARP) is done without any problem in a general environment, but it is not considered from the security aspect; therefore, it risks being threatened by an attack from the network called ARP spoofing or ARP ...
Malware resistant networking using system diversity
SIGITE '05: Proceedings of the 6th conference on Information technology education

In the biological world, species are known to ensure survival by introducing variations among individuals of the species, some of which may have superior survival characteristics in the event of certain environmental changes. While not precisely ...

Comments

Information & Contributors

Information

Published In

NSPW '01: Proceedings of the 2001 workshop on New security paradigms

September 2001

157 pages

ISBN:1581134576

DOI:10.1145/508171

Conference Chair:
Victor Raskin,
General Chair:
Steven J. Greenwald,
Program Chairs:
Brenda Timmerman,
Darrell Kienzle

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 10 September 2001

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

NSPW01

Sponsor:

SIGSAC

NSPW01: New Security Paradigms Workshop 2001

September 10 - 13, 2001

New Mexico, Cloudcroft

Acceptance Rates

Overall Acceptance Rate 62 of 170 submissions, 36%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

40
Total Citations
View Citations
713
Total Downloads

Downloads (Last 12 months)7
Downloads (Last 6 weeks)1

Reflects downloads up to 27 Jul 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Chen HCam HXu S(2022)Quantifying Cybersecurity Effectiveness of Dynamic Network DiversityIEEE Transactions on Dependable and Secure Computing10.1109/TDSC.2021.310751419:6(3804-3821)Online publication date: 1-Nov-2022
https://doi.org/10.1109/TDSC.2021.3107514
Liu ZZhang ZXi RZhu PMa B(2022)SoK: A Survey on Redundant Execution Technology2021 International Conference on Advanced Computing and Endogenous Security10.1109/IEEECONF52377.2022.10013333(1-14)Online publication date: 21-Apr-2022
https://doi.org/10.1109/IEEECONF52377.2022.10013333
Prieto YFigueroa MPezoa J(2022)Guaranteeing Network Reliability to 0-Day Exploits Using Cost-Effective Heterogeneous Node MigrationIEEE Access10.1109/ACCESS.2022.321567510(111153-111170)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3215675
Zhang QCho JMoore TChen I(2021)Vulnerability-Aware Resilient Networks: Software Diversity-Based Network AdaptationIEEE Transactions on Network and Service Management10.1109/TNSM.2020.304764918:3(3154-3169)Online publication date: Sep-2021
https://doi.org/10.1109/TNSM.2020.3047649
Ma BZhang ZJi XLiu HZhang G(2021)Study on Costs of Software-based Heterogeneous Redundant Execution2021 7th International Conference on Computer and Communications (ICCC)10.1109/ICCC54389.2021.9674362(1321-1324)Online publication date: 10-Dec-2021
https://doi.org/10.1109/ICCC54389.2021.9674362
Prieto YFigueroa MPezoa J(2021)Maximizing Network Reliability to 0-Day Exploits Through a Heterogeneous Node Migration StrategyIEEE Access10.1109/ACCESS.2021.30951499(97747-97759)Online publication date: 2021
https://doi.org/10.1109/ACCESS.2021.3095149
Chen GShi GChen LHe XJiang S(2020)A Novel Model of Mimic Defense Based on Minimal L-Order Error ProbabilityIEEE Access10.1109/ACCESS.2020.30248478(180481-180490)Online publication date: 2020
https://doi.org/10.1109/ACCESS.2020.3024847
Prieto YBoettcher NRestrepo SPezoa J(2019)Optimal Multiculture Network Design for Maximizing Resilience in the Face of Multiple Correlated FailuresApplied Sciences10.3390/app91122569:11(2256)Online publication date: 31-May-2019
https://doi.org/10.3390/app9112256
Touhiduzzaman MHahn ASrivastava A(2019)A Diversity-Based Substation Cyber Defense Strategy Utilizing Coloring GamesIEEE Transactions on Smart Grid10.1109/TSG.2018.288167210:5(5405-5415)Online publication date: Sep-2019
https://doi.org/10.1109/TSG.2018.2881672
Chen HCho JXu SSingh MWilliams LKuhn RXie T(2018)Quantifying the security effectiveness of network diversityProceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security10.1145/3190619.3191680(1-1)Online publication date: 10-Apr-2018
https://dl.acm.org/doi/10.1145/3190619.3191680
Show More Cited By

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

Analyzing effective mitigation of DDoS attack with software defined networking

RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks

Malware resistant networking using system diversity

Comments

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Other Metrics

Article Metrics

Other Metrics

Cited By

Login options

Full Access

PDF

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Analyzing effective mitigation of DDoS attack with software defined networking

RTNSS: a routing trace-based network security system for preventing ARP spoofing attacks

Malware resistant networking using system diversity

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Get Access

Login options

Full Access

View options

PDF

eReader

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations