Diversity Project
The overall objective is to develop applications that dynamically recover from cyber attacks with immunity to them.
Many cyber attacks require detailed knowledge about how an application works, how it consumes resources (such as memory or CPU), how it interacts with other components in its deployment environment (e.g., the operating system or database engines), and how it interacts with the network. For example, a side-channel attack needs to know (or learn) the correlation between an application’s externally visible responses and the private data being sought. Detailed knowledge may be acquired by examining source code, when available, or by profiling the application based on the results of inputs designed to reveal the internal structure of the application.
The objective of this effort is to develop coarse-grained synthetic diversity that continually varies the application’s structure and its interactions with its environment and the network. This makes it much harder for an attacker to acquire detailed knowledge and, should an attack succeed, limits the damage and allows a transition to a new variant of the application that is immune to the attack.
This project is sponsored by AFRL.