Malware resistant networking using system diversity

Abstract

In the biological world, species are known to ensure survival by introducing variations among individuals of the species, some of which may have superior survival characteristics in the event of certain environmental changes. While not precisely equivalent, networked computer systems also must 'survive' in a rapidly changing environment. In particular, as with its biological analog there are predators in the network world that must be thwarted.This paper shows that in the macro-, as well as in the micro- senses, system diversity is an important tool for network survivability. A malware attack on the Internet can have serious implications for many nodes but is unlikely to cross operating system or server application boundaries and thus to entirely disrupt the heterogeneous Internet.Individual networks that attach to the Internet can be developed using layers of servers, each with a different hardware and/or software basis, to isolate core servers from networked malefactors. Such a topology requires an attacker to employ a wide range of exploits, different ones tailored to each system at each protective layer of systems. This paper demonstrates how the layering technique protects networked systems. © 2005 ACM.