Proactive Obfuscation
| dc.contributor.author | Roeder, Tom | |
| dc.contributor.author | Schneider, Fred B. | |
| dc.date.accessioned | 2009-03-28T00:33:56Z | |
| dc.date.available | 2009-03-28T00:33:56Z | |
| dc.date.issued | 2009-03-28T00:33:56Z | |
| dc.description.abstract | Proactive obfuscation is a new method for creating server replicas that are likely to have fewer shared vulnerabilities. It uses semantics-preserving code transformations to generate diverse executables, periodically restarting servers with these fresh versions. The periodic restarts help bound the number of compromised replicas that a service ever concurrently runs, and therefore proactive obfuscation makes an adversary's job harder. Proactive obfuscation was used in implementing two prototypes: a distributed firewall based on state-machine replication and a distributed storage service based on quorum systems. Costs intrinsic to supporting proactive obfuscation were quantified by measuring the performance of these prototypes. | en_US |
| dc.description.sponsorship | Supported in part by AFOSR grant F9550-06-0019, National Science Foundation Grants 0430161 and CCF-0424422 (TRUST), and Microsoft Corporation. | en_US |
| dc.identifier.uri | https://hdl.handle.net/1813/12138 | |
| dc.language.iso | en_US | en_US |
| dc.subject | fault tolerance | en_US |
| dc.subject | security | en_US |
| dc.subject | reliability | en_US |
| dc.subject | distributed systems | en_US |
| dc.title | Proactive Obfuscation | en_US |
| dc.type | article | en_US |
Files
Original bundle
1 - 1 of 1