N-Variant Systems:
A Secretless Framework for Security through Diversity

David Evans
Institute of Software, Chinese Academy of Sciences
Beijing, China
29 May 2006


The current computing monoculture leaves our infrastructure vulnerable to a massive, rapid attack. One technique that has been proposed to mitigate this threat is to artificially increase software diversity by transforming programs to produce diverse executables. These techniques depend on keeping a key used to control the transformation secret from potential attackers. Previous techniques have used artificial diversity in a way that depends on keeping a key secret from attacker. These techniques are vulnerable to incremental probing attacks that can determine the key, as well as insider and side channel attacks.

The N-Variant Systems framework is a new architectural framework that uses artificial diversity to enhance security. Unlike previous approaches, however, it does not rely on keeping any secrets. Instead, the framework requires an attacker to compromise one of the system variants without producing detectable behavior on another system variant processing the same input. By constructing variants with disjoint exploitation sets, we can make it impossible to successfully carry out large classes of important attacks. In this talk, I will describe our framework and prototype implementation, identify some useful variations, and present results using it to protect an Apache server.

Bio: David Evans is an Assistant Professor at the University of Virginia and Program Director of the interdisciplinary major in Computer Science. He has SB, SM and PhD degrees in Computer Science from MIT. His research interests include program analysis, exploiting properties of the physical world for security, and applications of cryptography. For more information, see http://www.cs.virginia.edu/evans/

Note: This talk includes joint work with Ben Cox, Jack Davidson, Adrian Filipi, John Knight, Anh Nguyen-Tuong, Nathanael Paul, Jonathan Rowanhill, and Nora Sovarel funded by grants from DARPA (SRS program) and NSF (Cyber Trust).

Slides: [PPT, PDF]

N-Variant systems Project