 |
|
|
Award Abstract #0311686
Collaborative Research: Automated and Adaptive Diversity for Improving Computer Systems Security
| NSF Org: |
CNS
Division of Computer and Network Systems
|
|
|
| Initial Amendment Date: |
August 6, 2003 |
|
| Latest Amendment Date: |
May 25, 2005 |
|
| Award Number: |
0311686 |
|
| Award Instrument: |
Continuing grant |
|
| Program Manager: |
Karl N. Levitt
CNS Division of Computer and Network Systems
CSE Directorate for Computer & Information Science & Engineering
|
|
| Start Date: |
August 15, 2003 |
|
| Expires: |
July 31, 2007 (Estimated) |
|
| Awarded Amount to Date: |
$250000 |
|
| Investigator(s): |
Stephanie Forrest forrest@cs.unm.edu (Principal Investigator)
|
|
| Sponsor: |
University of New Mexico
1700 Lomas Blvd. NE
ALBUQUERQUE, NM 87131 505/277-4186
|
|
| NSF Program(s): |
TRUSTED COMPUTING
|
|
| Field Application(s): |
|
|
| Program Reference Code(s): |
HPCC, 9218, 9150, 7254, 1667
|
|
| Program Element Code(s): |
2802
|
ABSTRACT
Proposal Number: NSF Collaborative Proposals CCR-0311808 and
CCR-0311686
Title: Automated and Adaptive Diversity for Improving Computer System
Security
PI: Stephanie Forrest
Abstract: Diversity is an important source of robustness in biological systems. Because each individual has slightly different properties, it is unlikely that any single pathogen will eliminate or escape the
entire population. By contrast, today's computer systems are largely homogeneous, being overwhelmingly dominated by one or two operating systems and a few common applications from a handful of software
vendors. This fact is routinely exploited by attackers via Internet worms such as Code Red, which infected over 250,000 systems in just nine hours using a single buffer overflow vulnerability.
The project will develop methods for diversifying computer systems automatically and systematically -- exploring diversity at various levels of a system and for various purposes, e.g., to make a system
more difficult to compromise, to make a system more difficult to damage even after a successful compromise, and to make it more difficult for a successful compromise to evade detection. In order
to succeed, many of the mechanisms explored in this work must hide or disguise information about system specifics from an attacker, and this theme will underlie several of the projects.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
(Showing: 1 - 7 of 7).
C. Warrender, S. Forrest, and F. Koster.
"Modeling intercellular interactions in early Mycobacterium infection,"
Bulletin of Mathematical Biology,
v.?,
2006,
p. ?.
D. L. Chao, M. P. Davenport, S. Forrest, A. S. Perelson.
"The effects of thymic selection on the range of T cell cross-reactivity,"
European Journal of Immunology,
v.35,
2005,
p. 3452.
G.Barrantes, D. Ackley, S. Forrest, and D. Stefanovic.
"Randomized instruction set randomization,"
ACM Transactions on Information Systems Security (TISSEC),
v.8:1,
2005,
p. 3.
J. Balthrop, S. Forrest, M. Newman, and M. Williamson.
"Technological networks and the spread of computer viruses,"
Science,
v.304,
2004,
p. 527.
M. Glickman, J. Balthrop, and S. Forrest.
"A machine learning evaluation of an artificial immune system,"
Evolutionary Computation Journal,
v.13:2,
2005,
p. 179.
P. Holme, J. Karlin, and S. Forrest.
"Radial structure of the Internet,"
Proc. Royal Academy A,
v.463,
2007,
p. 1231.
S. Forrest and C. Beauchemin.
"Computer Immunology,"
Immunological Reviews,
v.216,
2007,
p. 176.
(Showing: 1 - 7 of 7).
Please report errors in award information by writing to: awardsearch@nsf.gov.
|
|
|
