Automated Methods for Creating Diversity in Computer Systems

Gabriela Barrantes
Escuela de Ciencias de la Computación e Informática, Universidad de Costa Rica, San Jose, Costa Rica
Automated Methods for Creating Diversity in Computer Systems
The pervasive homogeneity of computer systems attached to the Internet represents a serious security threat. Once an effective attack is crafted against one machine, it can quickly and easily be used against thousands of identical systems. A possible response to this situation can be found using biological diversity as inspiration. In nature, diversity provides a defense against unpredictable threats by maximizing the probability that some individuals will survive. Diversity in computer systems could confer security benefits by protecting against attacks that rely on homogeneity. Reducing the uniformity in existing systems is, however, a non-trivial task, as standardization must be maintained at many interface points.

In this talk I will discuss the costs and benefits of automated diversity showing our results from the implementation of three different diversifications.