Title :
Systematic generation of stochastic diversity as an intrusion barrier in survivable systems software
Author_Institution :
Software Eng. Inst., Carnegie Mellon Univ., Pittsburgh, PA, USA
Abstract :
Survivable systems software must exhibit high resistance to intrusion. A process of stochastic diversification can help increase resistance to intrusion through random obscuration of survivable system properties. Intruders often rely on analysis of source code to identify and exploit vulnerability in software. The ability of intruders to understand and analyze code can be dramatically reduced through a process of stochastic unstructuring to increase software complexity as an intrusion barrier while preserving function and performance. The constructive proof of the Structure Theorem was originally applied as a systematic process for transforming complex, unstructured programs into function-equivalent structured form for improved understandability and maintenance. This process can be reversed to systematically introduce stochastic diversity by transforming structured programs into function-equivalent unstructured programs of arbitrary complexity that are virtually impossible to understand.
Keywords :
distributed processing; security of data; stochastic processes; function-equivalent structured form; function-equivalent unstructured programs; intrusion barrier; maintenance; software complexity; stochastic diversification; stochastic diversity; survivable systems software; systematic generation; systematic process; understandability; vulnerability; Costs; Cultural differences; Information analysis; Performance analysis; Software engineering; Software maintenance; Software performance; Stochastic processes; Stochastic systems; System software;
Conference_Titel :
Systems Sciences, 1999. HICSS-32. Proceedings of the 32nd Annual Hawaii International Conference on
Print_ISBN :
0-7695-0001-3
DOI :
10.1109/HICSS.1999.772901
