Software Diversity: Security, Entropy and Game Theory
نویسندگان
چکیده
Although many have recognized the risks of software monocultures, it is not currently clear how much and what kind of diversity would be needed to address these risks. Here we attempt to provide insight into this issue using a simple model of hosts and vulnerabilities connected in a bipartite graph. We use this graph to compute diversity metrics as Renyi entropy and to formulate an anti-coordination game to understand why computer host owners would choose to diversify. Since security isn’t the only factor considered when choosing software in the real world, we propose a slight variation of the popular security wargame Capture the Flag that can serve as a testbed for understanding the utility of diversity as a defense strategy.
منابع مشابه
A Hybrid Grey-Game-MCDM Method for ERP Selecting Based on BSC
An enterprise resource planning (ERP) software is needed for industries and companies that want to develop in future. Many of the manufactures and companies have a problem with ERP software selection. An inappropriate selection process can affect both the implementation and the performance of the company significantly. Although several models are proposed to solve this problem many of them did n...
متن کاملInterdependent Security Game Design over Constrained Linear Influence Networks
In today's highly interconnected networks, security of the entities are often interdependent. This means security decisions of the agents are not only influenced by their own costs and constraints, but also are affected by their neighbors’ decisions. Game theory provides a rich set of tools to analyze such influence networks. In the game model, players try to maximize their utilities through se...
متن کاملMeasuring and Prioritizing the Quality of Identity in Historical Context Using the Entropy- Topsis Technique (Case Study: Sang-e-siyah Quarter)
Shiraz has precious historical textures that various parts and objects have been added to during contemporary city developments that these process and changes sometimes damaging its identity. Since historic textures have turned to lose identity, land prices drop down, main and old residents departure, new residents are disruptively interfering urban and architectural interventions. Today, the e...
متن کاملUsing Game Theory to Model the Evolution of Information: an Illustrative Game
The application of information theory to biology can be broadly split into three areas: (i) At the level of the genome; considering the storage of information using the genetic code. (ii) At the level of the individual animal; communication between animals passes information from one animal to another (usually, but not always, for mutual benefit). (iii) At the level of the population; the diver...
متن کاملQuantitative evaluation of software security: an approach based on UML/SecAM and evidence theory
Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2012