3.1 Introduction
The purpose of this chapter is to introduce the background material associated with: the practical viability of diversity, how greater numbers of connected devices is driving more peer-to-peer wireless networks, how malware and vulnerabilities are associated with different layers of the software stack, and what gaps there are in this field of research. This chapter is split into three sections:
Computing Systems: The first section discusses enabling technologies of future
computing systems that have the potential to aid in the realisation of biodiversity as a security mechanism. These include automated software generation and dissemination, virtualisation and hardware support, and the modularity of software stacks. Topology is considered with a focus on networks conducting peer-to-peer communication.
Cyber Security: The second section on cyber security predominantly discusses
environments. It summarises the different types of malware along with the stages of a successful malware attack. The location and types of vulnerabilities exploited by malware within the software stack are discussed. The implications of attacks using multiple and publically unknown exploits are highlighted.
Diversity: The third section explores the literature on the current state of research
associated with diversity within computing systems. Three main areas of research are reviewed including the diversification of software at the code level, diversification at the network level and the metrics used to evaluate diversity within such systems. This section concludes with an evaluation of the open areas of research within this field.
3.2 Computing Systems
3.2.1 Enabling Technologies
The future of computing systems lies within a globally connected world of devices and people, and will combine advancements in enabling technologies to provide access anywhere and at anytime. Some of these enabling technologies could also be utilised to realise diversity. Particular attention is given to automated software generation, including dissemination and updating, virtualisation and hardware support, and the modularity of software stacks.
3.2.1.1 Automated Software
The dissemination of software traditionally involved a pre-installation on a new device, or through the purchase of a disk. Nowadays software can be readily downloaded via the Internet, updates are often automated, and users can choose
from a broad range of application software. Franz [110] identifies one of the fundamental enablers of diversity to be the ease of obtaining software, making it possible to distribute and patch unique versions. The advancement of dynamic
software compilation and cloud computing could be harnessed to provide the necessary
computing power to generate large volumes of these unique versions as and when required. In addition to this, efforts are being sought to prevent the need to restart software or computers when patches are applied. Much research has been conducted around dynamic software updating (DSU) which would allow the unique versions to be updated or modified without affecting functionality or run-time performance [111] [112].
3.2.1.2 Virtualisation
Virtualisation is seen as one of the key enabling technologies for the future Internet. It is the artificial creation of a resource such as a hardware platform, storage device or server by combining or partitioning physical hardware or software and isolating it from the rest of the system [113]. For example the resources of a single computer could be partitioned so it appears there are two isolated computers available instead of one. Virtualisation has grown rapidly because of its use in cloud computing [114] and Bring Your Own Devices (BYODs) [115]. It has been used for many years in desktop computers, but more recently in mobile devices with software such as Horizon Mobile by VMware [116], and open source software led by the Xen project and backed by AMD and Google [117]. Virtualisation has use in
(embedded) [113], increasing hardware utilisation, security, and efficient administration [124].
Virtualisation within devices could prove to be a useful tool in the realisation of software diversity due to its ability to switch between isolated software programs, operating systems, or entire software stacks, and could provide an alternative to, or complement the research field of dynamic software updating. Devices could be pre- installed with only a low level virtualisation and management layer, so that the enabling technologies of dynamic software compilation and cloud computing could be used to provide hardware-independent functionality and individually tailored operating systems and drivers as and when required [113]. Virtualisation can also isolate malware prone applications by providing some protection against known and unknown viruses through protecting the disk and files. If an infection occurs software can be reloaded to its original, known good state and thus remove the malware. Virtualisation can be partial, for example through sandboxing (Figure 3-1 (a)) of malware prone applications such as web browsers. Sandboxes examine certain system calls for malicious behaviour, then rewrite or block them as appropriate. Virtualisation can also be full using virtual machines (VMs) (Figure 3-1 (b)) to isolate whole operating systems [125]. VMs are created and managed by Hypervisors [126] which either sit directly on top of the physical hardware (type 1 hypervisor) or sit on top of the host operating system (type 2 hypervisor). Although virtualisation has the potential to aid diversity, there are a number of design issues that would need to be addressed before it can be practically used (§9.3.2.4.)