Review and analysis of synthetic diversity for breaking monocultures

James E. Just, Mark Cornwell
2004 Proceedings of the 2004 ACM workshop on Rapid malcode - WORM '04  
The increasing monoculture in operating systems and key applications and the enormous expense of N-version programming for custom applications mean that lack of diversity is a fundamental barrier to achieving survivability even for high value systems that can afford hot spares. This monoculture makes flash worms possible. Our analysis of vulnerabilities and exploits identifies key assumptions required to develop successful attacks. We review the literature on synthetic diversity techniques,
more » ... sing primarily on those that can be implemented at the executable code level, since this is where we believe there is the most potential to reduce the common mode failure problem in COTS applications. Finally we propose a functional architecture for synthetic diversity at the executable code level that reduces the common mode failure problem in COTS applications by several orders of magnitude.
doi:10.1145/1029618.1029623 dblp:conf/worm/JustC04 fatcat:5spacqa3q5c23ehudbvkbakxie