Project

Scalable Monitoring and Replication with a Hybrid Multi-Variant Execution Environment

Multi-Variant Execution Environments (MVEEs) can improve the security and reliability of systems software in a variety of ways. They do this by executing a set of closely related program variants on the same inputs and by monitoring their behavior for divergences (which can indicate hardware failures, ongoing attacks, or patching/configuration failures, depending on how the variants are constructed). Existing MVEEs perform these tasks by running the program variants in lock-step using a monitor to intercept and (potentially) replicate system calls. This design limits the practicality and applicability of MVEEs because full monitoring (i) incurs high run-time overheads, and (ii) reveals benign behavioral divergences that can lead to premature termination of the MVEE.

This project will explore techniques to apply Multi-Variant Execution selectively to only a portion of the executed program. In this proposed Hybrid Multi-Variant Execution Environment (HMVEE), the monitored program would be divided into two partitions. The monomorphic partition, which would be identical across variants, consists of code that is always executed in single-variant mode, while the polymorphic partition, which can differ across variants, consists of code that is executed in multi-variant mode.

The proposed design has several advantages over traditional (full) MVEEs. First, the HMVEE allows for finer-grained tradeoffs between performance on the one hand and the scope of the protection on the other hand. Second, variants running in the HMVEE would not exhibit behavioral divergences (which cause MVEEs to shut down) in the monomorphic partition. Third, the HMVEE allows developers to incrementally convert programs so they can run in a multi-variant environment.
Date: 2 Oct 2018 → 30 Sep 2020
Keywords: Hybrid
Disciplines: Applied mathematics in specific fields