Affiliation:
1. SyedAmmal Engineering College
Abstract
The growth of interconnected computer increases the amount and obscurity of attacks. Computer systems require apt security mechanism. Intrusion detection and prevention systems play an important part in detecting and preventing the attacks before they conciliate software. Multi-variant execution environment is an intrusion detection and prevention mechanism that executes several slightly different versions of a program, called variants, in concurrency. The variants are defined as more than 2 same instances. These variants contain the same operational unit of the original program. The variants are built to have indistinguishable manners under normal execution environment. If any of the variant is under attack, there are noticeable divergences in their execution behavior. A monitor compares the execution manners of the variants at specific synchronization points and raises an alarm when a variance is detected.
Publisher
Trans Tech Publications, Ltd.
Reference17 articles.
1. C. Parampalli, R. Sekar, and R. Johnson, A Practical Mimicry Attack against Powerful System-Call Monitors, Proc. ACM Symp. Information, Computer, and Comm. Security, pp.156-167, (2008).
2. Atul Singh, NishantSinha, NitinAgrawal, AVATARs for Pennies: Cheap N-version Programming for Replication", USENIX Sixth Workshop on Hot Topics in System Dependability (HotDep , 10), Oct 2010, Vancouver, BC, Canada.
3. G. Kc, A. Keromytis, and V. Prevelakis, Countering Code-Injection Attacks with Instruction-Set Randomization, Proc. ACM Conf. Computer and Comm. Security, pp.272-280, (2003).
4. Thomas C. Bressoud, Fred B. Schneider. Hypervisor-Based Fault-Tolerance, ACM Transactions on Computer Systems, Vol. 14, No. 1, February 1996, Pages 80-107.
5. Jun Zhu, Wei Dong, Zhefu Jiang, Xiaogang Shi, Zhen Xiao, Xiaoming Li, Improving the Performance of Hypervisor-Based Fault-Tolerance.