Improving sensor network immunity under worm attacks: A software diversity approach

Yang, Yi; Zhu, Sencun

doi:10.1016/j.adhoc.2016.04.011

Cited by 27 publications

(32 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Its solutions is a natural option in modelling a wide range of real-life problem for making globally optional decision [14] [4]. In most cases, however, the basic graph coloring problem fails to model some real-life problems where additional constraints have to be satisfied.…”

Section: Related Workmentioning

confidence: 99%

“…Data randomization [10] is another randomized-based approach, which applies masks on data in the memory, so that the attacker cannot determine memory regions that are associated with particular objects. Diversity at the network level is achieved by using different applications [4] [5], operating systems, and shuffling techniques within a networked system [11]. N-version programming was introduced in the 1970s which depends on functionally equivalent versions of the same program and monitors the behavior of the variants in order to detect divergence of the results [12].…”

Section: Related Workmentioning

confidence: 99%

“…In contrast to homogeneous systems by software monoculture, heterogeneous architectures are expected to have higher survivability [3][4][5]. This point is very much like the maintenance of genetic and ecosystem diversity in biology.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Toward Software Diversity in Heterogeneous Networked Systems

Huang

Zhu

Erbacher

2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

Abstract. When there are either design or implementation flaws, a homogeneous architecture is likely to be disrupted entirely by a single attack (e.g., a worm) that exploits its vulnerability. Following the survivability through heterogeneity philosophy, we present a novel approach to improving survivability of networked systems by adopting the technique of software diversity. Specifically, we design an efficient algorithm to select and deploy a set of off-the-shelf software to hosts in a networked system, such that the number and types of vulnerabilities presented on one host would be different from that on its neighboring nodes. In this way, we are able to contain a worm in an isolated "island". This algorithm addresses software assignment problem in more complex scenarios by taking into consideration practical constraints, e.g., hosts may have diverse requirements based on different system prerequisites. We evaluate the performance of our algorithm through simulations on both simple and complex system models. The results not only confirm the effectiveness and scalability of our algorithm, but also show its capability in creating moving attack surface. The level of heterogeneity our algorithm can actually create depends on the ratio of the number of installed software to the total number of available software.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Toward Software Diversity in Heterogeneous Networked Systems

Huang

Zhu

Erbacher

2014

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

show abstract

“…To defend against the sensor worm attacks, several schemes are proposed to prevent worm propagation in sensor networks [1][2][3]12]. Yang et al [3] first applied a software diversity technique to prevent worm propagation in sensor networks.…”

Section: Related Workmentioning

confidence: 99%

“…To meet this goal, several schemes have been developed for worm defense in the sensor network [1][2][3]. The key idea of these schemes prevents worm propagation by enforcing two adjacent nodes to have distinct software versions, leading to worm dissemination failure between two adjacent nodes.…”

Section: Introductionmentioning

confidence: 99%

Distributed Software-Attestation Defense against Sensor Worm Propagation

2015

Journal of Sensors

View full text Add to dashboard Cite

Wireless sensor networks are vulnerable to sensor worm attacks in which the attacker compromises a few nodes and makes these compromised nodes initiate worm spread over the network, targeting the worm infection of the whole nodes in the network. Several defense mechanisms have been proposed to prevent worm propagation in wireless sensor networks. Although these proposed schemes use software diversity technique for worm propagation prevention under the belief that different software versions do not have common vulnerability, they have fundamental drawback in which it is difficult to realize the aforementioned belief in sensor motes. To resolve this problem, we propose on-demand software-attestation based scheme to defend against worm propagation in sensor network. The main idea of our proposed scheme is to perform software attestations against sensor nodes in on-demand manner and detect the infected nodes by worm, resulting in worm propagation block in the network. Through analysis, we show that our proposed scheme defends against worm propagation in efficient and robust manner. Through simulation, we demonstrate that our proposed scheme stops worm propagation at the reasonable overhead while preventing a majority of sensor nodes from being infected by worm.

show abstract