OS diversity for intrusion tolerance: Myth or reality?
| Main Author: | |
|---|---|
| Publication Date: | 2011 |
| Other Authors: | , , , |
| Format: | Conference object |
| Language: | eng |
| Source: | Repositório Institucional da Udesc |
| dARK ID: | ark:/33523/0013000006v6n |
| Download full: | https://repositorio.udesc.br/handle/UDESC/9488 |
Summary: | One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct behavior in the presence of attacks and intrusions. These security gains are directly dependent on the components exhibiting failure diversity. To what extent failure diversity is observed in practical deployment depends on how diverse are the components that constitute the system. In this paper we present a study with operating systems (OS) vulnerability data from the NIST National Vulnerability Database. We have analyzed the vulnerabilities of 11 different OSes over a period of roughly 15 years, to check how many of these vulnerabilities occur in more than one OS. We found this number to be low for several combinations of OSes. Hence, our analysis provides a strong indication that building a system with diverse OSes may be a useful technique to improve its intrusion tolerance capabilities. © 2011 IEEE. |
| id |
UDESC-2_d32c0605b0e69a56705637c9de1868e0 |
|---|---|
| oai_identifier_str |
oai:repositorio.udesc.br:UDESC/9488 |
| network_acronym_str |
UDESC-2 |
| network_name_str |
Repositório Institucional da Udesc |
| repository_id_str |
6391 |
| spelling |
OS diversity for intrusion tolerance: Myth or reality?One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct behavior in the presence of attacks and intrusions. These security gains are directly dependent on the components exhibiting failure diversity. To what extent failure diversity is observed in practical deployment depends on how diverse are the components that constitute the system. In this paper we present a study with operating systems (OS) vulnerability data from the NIST National Vulnerability Database. We have analyzed the vulnerabilities of 11 different OSes over a period of roughly 15 years, to check how many of these vulnerabilities occur in more than one OS. We found this number to be low for several combinations of OSes. Hence, our analysis provides a strong indication that building a system with diverse OSes may be a useful technique to improve its intrusion tolerance capabilities. © 2011 IEEE.2024-12-06T19:12:20Z2011info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/conferenceObjectp. 383 - 39410.1109/DSN.2011.5958251https://repositorio.udesc.br/handle/UDESC/9488ark:/33523/0013000006v6nProceedings of the International Conference on Dependable Systems and NetworksGarcia M.Bessani A.Gashi I.Neves N.Obelheiro, Rafael Rodriguesengreponame:Repositório Institucional da Udescinstname:Universidade do Estado de Santa Catarina (UDESC)instacron:UDESCinfo:eu-repo/semantics/openAccess2024-12-07T21:03:10Zoai:repositorio.udesc.br:UDESC/9488Biblioteca Digital de Teses e Dissertaçõeshttps://pergamumweb.udesc.br/biblioteca/index.phpPRIhttps://repositorio-api.udesc.br/server/oai/requestri@udesc.bropendoar:63912024-12-07T21:03:10Repositório Institucional da Udesc - Universidade do Estado de Santa Catarina (UDESC)false |
| dc.title.none.fl_str_mv |
OS diversity for intrusion tolerance: Myth or reality? |
| title |
OS diversity for intrusion tolerance: Myth or reality? |
| spellingShingle |
OS diversity for intrusion tolerance: Myth or reality? Garcia M. |
| title_short |
OS diversity for intrusion tolerance: Myth or reality? |
| title_full |
OS diversity for intrusion tolerance: Myth or reality? |
| title_fullStr |
OS diversity for intrusion tolerance: Myth or reality? |
| title_full_unstemmed |
OS diversity for intrusion tolerance: Myth or reality? |
| title_sort |
OS diversity for intrusion tolerance: Myth or reality? |
| author |
Garcia M. |
| author_facet |
Garcia M. Bessani A. Gashi I. Neves N. Obelheiro, Rafael Rodrigues |
| author_role |
author |
| author2 |
Bessani A. Gashi I. Neves N. Obelheiro, Rafael Rodrigues |
| author2_role |
author author author author |
| dc.contributor.author.fl_str_mv |
Garcia M. Bessani A. Gashi I. Neves N. Obelheiro, Rafael Rodrigues |
| description |
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct behavior in the presence of attacks and intrusions. These security gains are directly dependent on the components exhibiting failure diversity. To what extent failure diversity is observed in practical deployment depends on how diverse are the components that constitute the system. In this paper we present a study with operating systems (OS) vulnerability data from the NIST National Vulnerability Database. We have analyzed the vulnerabilities of 11 different OSes over a period of roughly 15 years, to check how many of these vulnerabilities occur in more than one OS. We found this number to be low for several combinations of OSes. Hence, our analysis provides a strong indication that building a system with diverse OSes may be a useful technique to improve its intrusion tolerance capabilities. © 2011 IEEE. |
| publishDate |
2011 |
| dc.date.none.fl_str_mv |
2011 2024-12-06T19:12:20Z |
| dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| dc.type.driver.fl_str_mv |
info:eu-repo/semantics/conferenceObject |
| format |
conferenceObject |
| status_str |
publishedVersion |
| dc.identifier.uri.fl_str_mv |
10.1109/DSN.2011.5958251 https://repositorio.udesc.br/handle/UDESC/9488 |
| dc.identifier.dark.fl_str_mv |
ark:/33523/0013000006v6n |
| identifier_str_mv |
10.1109/DSN.2011.5958251 ark:/33523/0013000006v6n |
| url |
https://repositorio.udesc.br/handle/UDESC/9488 |
| dc.language.iso.fl_str_mv |
eng |
| language |
eng |
| dc.relation.none.fl_str_mv |
Proceedings of the International Conference on Dependable Systems and Networks |
| dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
| eu_rights_str_mv |
openAccess |
| dc.format.none.fl_str_mv |
p. 383 - 394 |
| dc.source.none.fl_str_mv |
reponame:Repositório Institucional da Udesc instname:Universidade do Estado de Santa Catarina (UDESC) instacron:UDESC |
| instname_str |
Universidade do Estado de Santa Catarina (UDESC) |
| instacron_str |
UDESC |
| institution |
UDESC |
| reponame_str |
Repositório Institucional da Udesc |
| collection |
Repositório Institucional da Udesc |
| repository.name.fl_str_mv |
Repositório Institucional da Udesc - Universidade do Estado de Santa Catarina (UDESC) |
| repository.mail.fl_str_mv |
ri@udesc.br |
| _version_ |
1842258094855290880 |