Remember Me
Or use your Academic/Social account:


Or use your Academic/Social account:


You have just completed your registration at OpenAire.

Before you can login to the site, you will need to activate your account. An e-mail will be sent to you with the proper instructions.


Please note that this site is currently undergoing Beta testing.
Any new content you create is not guaranteed to be present to the final version of the site upon release.

Thank you for your patience,
OpenAire Dev Team.

Close This Message


Verify Password:
Verify E-mail:
*All Fields Are Required.
Please Verify You Are Human:
fbtwitterlinkedinvimeoflicker grey 14rssslideshare1
Garcia, M.; Bessani, A. N.; Gashi, I.; Neves, N.; Obelheiro, R. R. (2011)
Languages: English
Types: Unknown
Subjects: QA76
One of the key benefits of using intrusion-tolerant systems is the possibility of ensuring correct behavior in the presence of attacks and intrusions. These security gains are directly dependent on the components exhibiting failure diversity. To what extent failure diversity is observed in practical deployment depends on how diverse are the components that constitute the system. In this paper we present a study with operating systems (OS) vulnerability data from the NIST National Vulnerability Database. We have analyzed the vulnerabilities of 11 different OSes over a period of roughly 15 years, to check how many of these vulnerabilities occur in more than one OS. We found this number to be low for several combinations of OSes. Hence, our analysis provides a strong indication that building a system with diverse OSes may be a useful technique to improve its intrusion tolerance capabilities.
  • The results below are discovered through our pilot algorithms. Let us know how we are doing!

    • [1] L. Lamport, R. Shostak, and M. Pease, “The Byzantine generals problem,” ACM Trans. on Programing Languages and Systems, vol. 4, no. 3, 1982.
    • [2] P. Verissimo, N. F. Neves, and M. P. Correia, “Intrusiontolerant architectures: Concepts and design,” in Architecting Dependable Systems, ser. LNCS, 2003, vol. 2677.
    • [3] M. Castro and B. Liskov, “Practical Byzantine fault-tolerance and proactive recovery,” ACM Trans. on Computer Systems, vol. 20, no. 4, 2002.
    • [4] J. Yin, J.-P. Martin, A. Venkataramani, L. Alvisi, and M. Dahlin, “Separating agreement form execution for Byzantine fault tolerant services,” in Proc. of the ACM Symp. on Operating Systems Principles, 2003.
    • [5] M. Correia, N. F. Neves, and P. Veríssimo, “How to tolerate half less one Byzantine nodes in practical distributed systems,” in Proc. of the IEEE Symp. on Reliable Distributed Systems, 2004.
    • [6] M. Abd-El-Malek, G. Ganger, G. Goodson, M. Reiter, and J. Wylie, “Fault-scalable Byzantine fault-tolerant services,” in Proc. of the ACM Symp. on Operating Systems Principles, 2005.
    • [7] A. N. Bessani, E. P. Alchieri, M. Correia, and J. S. Fraga, “DepSpace: a Byzantine fault-tolerant coordination service,” in Proc. of the ACM/EuroSys Conference on Computer Systems, 2008.
    • [8] M. Serafini, P. Bokor, D. Dobre, M. Majuntke, and N. Suri, “Scrooge: Reducing the costs of fast Byzantine replication in presence of unresponsive replicas,” in Proc. of the IEEE/IFIP Dependable Systems and Networks, 2010.
    • [9] H. Moniz, N. F. Neves, M. Correia, and P. Verissimo, “RITAS: Services for randomized intrusion tolerance,” IEEE Trans. on Dependable and Secure Computing, vol. 8, no. 1, 2011.
    • [10] “National Vulnerability Database,” http://nvd.nist.gov/.
    • [11] B. Randell, “System structure for software fault tolerance,” IEEE Trans. on Software Engineering, vol. 1, no. 2, 1975.
    • [12] A. Avizienis and L. Chen, “On the implementation of Nversion programming for software fault tolerance during execution,” in Proc. of the IEEE Computer Software and Applications Conf., 1977.
    • [13] M. K. Joseph and A. Avizienis, “A fault-tolerant approach to computer viruses,” in Proc. of the IEEE Symp. on Research in Security and Privacy, 1988.
    • [14] S. Forrest, A. Somayaji, and D. H. Ackley, “Building diverse computer systems,” in Proc. of the Workshop on Hot Topics in Operating Systems, 1997.
    • [15] S. A. Hofmeyr and S. Forrest, “Architecture for an artificial immune system,” Evolutionary Computation, vol. 8, no. 4, 2000.
    • [16] Y. Deswarte, K. Kanoun, and J.-C. Laprie, “Diversity against accidental and deliberate faults,” in Computer Security, Dependability, and Assurance: From Needs to Solutions, 1998.
    • [17] R. R. Obelheiro, A. N. Bessani, L. C. Lung, and M. Correia, “How practical are intrusion-tolerant distributed systems?” Department of Informatics, University of Lisbon, DI/FCUL TR 06-15, 2006.
    • [18] I. Gashi, P. Popov, and L. Strigini, “Fault tolerance via diversity for off-the-shelf products: A study with SQL database servers,” IEEE Trans. on Dependable and Secure Computing, vol. 4, no. 4, 2007.
    • [19] B. P. Miller, L. Fredriksen, and B. So, “An empirical study of the reliability of UNIX utilities,” Communications of the ACM, vol. 33, no. 12, 1990.
    • [20] B. Miller, D. Koski, C. Lee, V. Maganty, R. Murthy, A. Natarajan, and J. Steidl, “Fuzz revisited: A re-examination of the reliability of UNIX utilities and services,” University. of Wisconsin-Madison, CS-TR 1995-1268, 1995.
    • [21] A. Chou, J.-F. Yang, B. Chelf, S. Hallem, and D. Engler, “An empirical study of operating systems errors,” in Proc. of the ACM Symp. on Operating Systems Principles, 2001.
    • [22] A. Ozment and S. E. Schechter, “Milk or wine: Does software security improve with age?” in Proc. of the USENIX Security Symp., 2006.
    • [23] P. Anbalagan and M. Vouk, “Towards a unifying approach in understanding security problems,” in Proc. of the IEEE Int. Symp. on Software Reliability Engineering, 2009.
    • [24] P. Koopman and J. DeVale, “Comparing the robustness of POSIX operating systems,” in Proc. of the IEEE Int. Symp. on Fault-Tolerant Computing, 1999.
    • [25] R. J. Anderson, “Security in open versus closed systems-the dance of Boltzmann, Coase and Moore,” in Conf. on Open Source Software: Economics, Law and Policy, 2002.
    • [26] E. Rescorla, “Is finding security holes a good idea?” IEEE Security & Privacy, vol. 3, no. 1, 2005.
    • [27] O. H. Alhazmi and Y. K. Malayia, “Quantitative vulnerability assessment of systems software,” in Proc. of the Annual Reliability and Maintainability Symp., 2005.
    • [28] --, “Application of vulnerability discovery models to major operating systems,” IEEE Trans. on Reliability, vol. 57, no. 1, 2008.
    • [29] M. R. Lyu, Ed., Handbook of Software Reliability Engineering. McGraw-Hill, 1995.
    • [30] G. Schryen, “Security of open source and closed source software: An empirical comparison of published vulnerabilities,” in Proc. of the Americas Conf. on Information Systems, 2009.
    • [31] A. Ozment, “Vulnerability discovery & software security,” Ph.D. dissertation, University of Cambridge, 2007.
    • [32] B. Littlewood, P. Popov, and L. Strigini, “Modeling software design diversity: A review,” ACM Computing Surveys, vol. 33, no. 2, 2001.
    • [33] B. Littlewood and L. Strigini, “Redundancy and diversity in security,” in Proc. of the European Symp. on Research Computer Security, 2004.
    • [35] “Common platform enumeration,” http://cpe.mitre.org/.
    • [37] A. Ganapathi, V. Ganapathi, and D. Patterson, “Windows XP kernel crash analysis,” in Proc. of the Large Installation System Administration Conference, 2006.
    • [38] T. Newsham, “Format string attacks,” Guardent, Inc., Tech. Rep., 2000, available from http://www.thenewsh.com/ ~newsham/format-string-attacks.pdf.
    • [39] D. Ahmad, “The rising threat of vulnerabilities due to integer errors,” IEEE Security & Privacy, vol. 1, no. 4, 2003.
    • [40] D. Litchfield, “Hackproofing Oracle Application Server,” NGSSoftware Insight, Whitepaper, 2002.
    • [41] M. Labs, “2010 threat predictions,” Whitepaper, 2009, available from http://www.mcafee.com/us/local_content/white_ papers/7985rpt_labs_threat_predict_1209_v2.pdf.
  • No related research data.
  • No similar publications.

Share - Bookmark

Download from

Funded by projects

  • FCT | PTDC/EIA-EIA/100894/2008

Cite this article