Title :
Software diversity as a defense against viral propagation: models and simulations
Author :
O´Donnell, Adam J. ; Sethu, Harish
Author_Institution :
Dept. of Electr. & Comput. Eng., Drexel Univ., Philadelphia, PA, USA
Abstract :
The use of software diversity has often been discussed in the research literature as an effective means to break up the software monoculture present on the Internet and to thus prevent malcode propagation. However, there have been no quantitative studies that examine the effectiveness of software diversity on viral propagation. In this paper, we study both real (an IPv6 BGP topology) and synthetically generated (an Erdos-Renyi random graph) network topologies and employ a popular metric called the epidemic threshold to measure resistance to viral propagation in the presence of software diversity. We show that one can increase the epidemic threshold of a network even with a naive, random distribution of diverse software on the nodes of a network. We also show that an algorithm-driven diversity assignment further increases the epidemic threshold. These results confirm the value of strategic topology-sensitive assignment of diversity to improving the tolerance of a network to malcode propagation.
Keywords :
Internet; computer viruses; digital simulation; software fault tolerance; software metrics; Erdos-Renyi random graph network topology; IPv6 BGP topology; Internet; epidemic threshold metric; malcode propagation; software diversity; software monoculture; viral propagation; Computer networks; Computer security; Computer worms; Electrical resistance measurement; Electronic mail; Immune system; Internet; Network topology; Software measurement; Software packages;
Conference_Titel :
Principles of Advanced and Distributed Simulation, 2005. PADS 2005. Workshop on
Print_ISBN :
0-7695-2383-8
DOI :
10.1109/PADS.2005.31
