This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Security through Diversity: Are We There Yet?
Mar.-Apr. 2014 (vol. 12 no. 2)
pp. 28-35
Per Larsen, University of California, Irvine
Stefan Brunthaler, University of California, Irvine
Michael Franz, University of California, Irvine
Because most software attacks rely on predictable behavior on the target platform, mass distribution of identical software facilitates mass exploitation. Countermeasures include moving-target defenses in general and biologically inspired artificial software diversity in particular. Although the concept of software diversity has interested researchers for more than 20 years, technical obstacles prevented its widespread adoption until now. Massive-scale software diversity has become practical due to the Internet (enabling distribution of individualized software) and cloud computing (enabling the computational power to perform diversification). In this article, the authors take stock of the current state of software diversity research. The potential showstopper issues are mostly solved; the authors describe the remaining issues and point to a realistic adoption path.
Index Terms:
Computer security,Program processors,Computer crime,Software architecture,Runtime environment,Memory management,Prediction methods,Internet,testing and debugging,system issues,software engineering,compilers,programming languages,error handling and recovery
Citation:
Per Larsen, Stefan Brunthaler, Michael Franz, "Security through Diversity: Are We There Yet?," IEEE Security & Privacy, vol. 12, no. 2, pp. 28-35, Mar.-Apr. 2014, doi:10.1109/MSP.2013.129
Usage of this product signifies your acceptance of the Terms of Use.