Title
Double Helix and RAVEN: A System for Cyber Fault Tolerance and Recovery.
Abstract
Cyber security research has produced numerous artificial diversity techniques such as address space layout randomization, heap randomization, instruction-set randomization, and instruction location randomization. To be most effective, these techniques must be high entropy and secure from information leakage which, in practice, is often difficult to achieve. Indeed, it has been demonstrated that well-funded, determined adversaries can often circumvent these defenses. To allow use of low-entropy diversity, prevent information leakage, and provide provable security against attacks, previous research proposed using low-entropy but carefully structured artificial diversity to create variants of an application and then run these constructed variants within a fault-tolerant environment that runs each variant in parallel and cross-checks results to detect and mitigate faults. If the variants are carefully constructed, it is possible to prove that certain classes of attack are not possible. This paper presents an overview and status of a cyber fault tolerant system that uses a low overhead multi-variant execution environment and precise static binary analysis and efficient rewriting technology to produce structured variants which allow automated verification techniques to prove security properties of the system. Preliminary results are presented which demonstrate that the system is capable of detecting unknown faults and mitigating attacks.
| Year | DOI | Venue |
| --- | --- | --- |
| 2016 | 10.1145/2897795.2897805 | CISRC |

| DocType | Citations | PageRank |
| --- | --- | --- |
| Conference | 3 | 0.39 |

| References | Authors |
| --- | --- |
| 15 | 13 |
| Name | Order | Citations and PageRank |
| --- | --- | --- |
| Michele Co | 1 | 1448.84 |
| Jack W. Davidson | 2 | 1535177.98 |
| Jason Hiser | 3 | 58533.57 |
| John Knight | 4 | 1402151.05 |
| Anh Nguyen-tuong | 5 | 68861.25 |
| Westley Weimer | 6 | 3510162.27 |
| Jonathan Burket | 7 | 171.47 |
| Gregory L. Frazier | 8 | 50.98 |
| Tiffany M. Frazier | 9 | 292.52 |
| Bruno Dutertre | 10 | 70447.66 |
| Ian A. Mason | 11 | 79797.47 |
| Natarajan Shankar | 12 | 3050309.55 |
| Stephanie Forrest | 13 | 64481102.07 |