NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

Optimizing the Network Diversity to Improve the Resilience of Networks Against Unknown Attacks

Published

Author(s)

Daniel Borbor, Lingyu Wang, Sushil Jajodia, Anoop Singhal

Abstract

Diversity as a security mechanism is receiving renewed interest due to its potential for improving the resilience of software and networks against previously unknown attacks. Recent works show diversity can be modeled and quantified as a security metric at the network level. However, such efforts do not directly provide a solution for improving the network diversity. On the other hand, existing network hardening approaches largely focus on handling vulnerabilities and do not pay special attention to diversity. In this paper, we propose an automated approach to diversifying network services under various cost constraints in order to improve the network's resilience against unknown attacks. Specifically, we first define models for network services and their relationships, diversification options, and the costs. We then formulate the optimization problem of diversifying network services under given cost constraints. We devise optimization and heuristic algorithms for efficiently solving the problem, and we evaluate our approach through simulations.
Citation
Computer Communications
Volume
145
Pub Type
Journals

Download Paper

https://doi.org/10.1016/j.comcom.2019.06.004
Local Download

Keywords

Diversity, Network security, Optimization, Zero day attack
Networking and Cybersecurity and privacy

Citation

Borbor, D. , Wang, L. , Jajodia, S. and Singhal, A. (2019), Optimizing the Network Diversity to Improve the Resilience of Networks Against Unknown Attacks, Computer Communications, [online], https://doi.org/10.1016/j.comcom.2019.06.004, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=926444 (Accessed October 8, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created August 31, 2019, Updated October 12, 2021
Was this page helpful?