Internet Archive Scholar

Intrusion-Avoidance via System Diversity

Anatoliy Gorbenko, Vyacheslav Kharchenko, Olga Tarasyuk, Alexander Romanovsky
2012 Information & Security An International Journal  

Preserved Fulltext

fulltext thumbnail
Web Archive Capture PDF (74.5 kB)
https://web.archive.org/web/20180721175223/http://procon.bg/system/files/28.13_Gorbenko_Kharchenko_Tarasyuk_Romanovsky.pdf

A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL. The file type is application/pdf.

The paper discusses a generic intrusion-avoidance architecture allowing the system architects to decrease the risk of intrusions. The architecture employs software diversity at various system levels and dynamically reconfigures the deployment environment to avoid intrusions. This solution reduces the so-called system's days-of-risk which is a period of an increased security risk between the time when a vulnerability is publicly disclosed to the time when a patch is available to fix it. To
more » ... the less vulnerable system configuration we propose metrics estimating security risks by accounting a number of not-fixed vulnerabilities and their severity.
doi:10.11610/isij.2813 fatcat:7hfranobmndx7ftujurpfugli4
Open Access
Citation

Anatoliy Gorbenko, Vyacheslav Kharchenko, Olga Tarasyuk, Alexander Romanovsky. "Intrusion-Avoidance via System Diversity." Information & Security An International Journal (2012) 154-158