, Diversify sensor nodes to improve resilience against node compromise, Proceedings of the fourth ACM workshop on Security of ad hoc and sensor networks , SASN '06, pp.101-112, 2006.
DOI : 10.1145/1180345.1180359
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.64.3108
, Multi-tier diversification in Web-based software applications, 2014.
URL : https://hal.archives-ouvertes.fr/hal-01089268
, Data diversity: an approach to software fault tolerance, IEEE Transactions on Computers, vol.37, issue.4, pp.418-425, 1988.
DOI : 10.1109/12.2185
, Component-Based Product-Line Engineering with the UML, 2002.
DOI : 10.1007/3-540-46020-9_34
, The N-Version Approach to Fault-Tolerant Software, IEEE Transactions on Software Engineering, vol.11, issue.12, pp.1491-1501, 1985.
DOI : 10.1109/TSE.1985.231893
, The methodology of n-version programming. Software fault tolerance 3, pp.23-46, 1995.
, Design diversity and the immune system paradigm: Cornerstones for information system survivability, 2000.
, Fault Tolerance by Design Diversity: Concepts and Experiments, Computer, vol.17, issue.8, pp.67-80, 1984.
DOI : 10.1109/MC.1984.1659219
, Impact of IT monoculture on behavioral end host intrusion detection, Proceedings of the 1st ACM workshop on Research on enterprise networking, WREN '09, pp.27-36, 2009.
DOI : 10.1145/1592681.1592686
URL : https://hal.archives-ouvertes.fr/hal-00795994
, Randomized instruction set emulation to disrupt binary code injection attacks, Proceedings of the 10th ACM conference on Computer and communication security , CCS '03, 2003.
DOI : 10.1145/948109.948147
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.4.3262
, Tailored source code transformations to synthesize computationally diverse program variants CA, USA Address obfuscation: an efficient approach to combat a board range of memory error exploits, Proc. of the Int. Symp. on Software Testing and Analysis (ISSTA) Proceedings of the USENIX Security Symposium, pp.149-159, 2003.
, Efficient techniques for comprehensive protection from memory error exploits, Proceedings of the USENIX Security Symposium, pp.271-286, 2005.
, Diversity for Security: A Study with Off-the-Shelf AntiVirus Engines, 2011 IEEE 22nd International Symposium on Software Reliability Engineering, pp.11-19, 2011.
DOI : 10.1109/ISSRE.2011.15
, PODS?A project on diverse software. Software Engineering, IEEE Transactions on, vol.9, pp.929-940, 1986.
, From the design of a generic metamorphic engine to a black-box classification of antivirus detection techniques, Journal in Computer Virology, vol.23, issue.3, pp.277-287, 2010.
DOI : 10.1007/s11416-009-0136-2
URL : https://hal.archives-ouvertes.fr/hal-00464807
, SQLrand: Preventing SQL Injection Attacks, Proceedings of the 2nd Applied Cryptography and Network Security (ACNS) Conference, pp.292-302, 2004.
, Would Diversity Really Increase the Robustness of the Routing Infrastructure against Software Defects, NDSS, 2008.
, Automatic workarounds for web applications, Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering, FSE '10, pp.237-246, 2010.
DOI : 10.1145/1882291.1882327
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.661.2104
, Adaptive Random Testing: The ART of test case diversity, Journal of Systems and Software, vol.83, issue.1, pp.60-66, 2010.
DOI : 10.1016/j.jss.2009.02.022
, Mitigating buffer overflows by operating system randomization, 2002.
, Abstract delta modeling, ACM SIGPLAN Notices, vol.46, issue.2, pp.13-22, 2002.
DOI : 10.1145/1942788.1868298
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.172.7384
, Operating system protection through program evolution, Computers & Security, vol.12, issue.6, pp.565-584, 1993.
, Distributed application tamper detection via continuous software updates, Proceedings of the 28th Annual Computer Security Applications Conference on, ACSAC '12, pp.319-328, 2012.
DOI : 10.1145/2420950.2420997
, A taxonomy of obfuscating transformations, 1997.
, Manufacturing cheap, resilient, and stealthy opaque constructs, Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages , POPL '98, pp.184-196, 1998.
DOI : 10.1145/268946.268962
, N-variant systems: a secretless framework for security through diversity, Proc. of the Conf. on USENIX Security Symposium (USENIX-SS'06, 2006.
, Global patterns of speciation and diversity, Nature, vol.13, issue.7253, pp.7253-384, 2009.
DOI : 10.1038/nature08168
, A theoretical basis for the analysis of multiversion software subject to coincident errors. Software Engineering, IEEE Transactions on, vol.12, pp.1511-1517, 1985.
, Diversity against accidental and deliberate faults, Proceedings Computer Security, Dependability, and Assurance: From Needs to Solutions (Cat. No.98EX358), p.171, 1998.
DOI : 10.1109/CSDA.1998.798364
URL : https://hal.archives-ouvertes.fr/hal-00761637
, Generating diverse software versions with genetic programming: an experimental study, IEE Proceedings - Software, vol.145, issue.6, pp.228-236, 1998.
DOI : 10.1049/ip-sen:19982444
, Searching for Cognitively Diverse Tests: Towards Universal Test Diversity Metrics, 2008 IEEE International Conference on Software Testing Verification and Validation Workshop, pp.178-186, 2008.
DOI : 10.1109/ICSTW.2008.36
, Evolving software product lines with aspects ICSE'08 Building Diverse Computer Systems, Software Engineering Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI) (HOTOS '97, pp.261-270, 1997.
DOI : 10.1145/1368088.1368124
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.571.4987
, Object-level recombination of commodity applications, Proceedings of the 12th annual conference on Genetic and evolutionary computation, GECCO '10, pp.957-964, 2010.
DOI : 10.1145/1830483.1830653
, E unibus pluram, Proceedings of the 2010 workshop on New security paradigms, NSPW '10, pp.7-16, 2010.
DOI : 10.1145/1900546.1900550
, A study of the uniqueness of source code, Proceedings of the eighteenth ACM SIGSOFT international symposium on Foundations of software engineering, FSE '10, pp.147-156, 2010.
DOI : 10.1145/1882291.1882315
, Analysis of operating system diversity for intrusion tolerance. Software: Practice and Experience, pp.735-770, 2014.
, Fault diversity among off-the-shelf SQL database servers Fault tolerance via diversity for off-the-shelf products: A study with SQL database servers, Proceedings of International Conference on Dependable Systems and Networks. IEEE, pp.389-398, 2004.
, Using Diversity in Cloud-Based Deployment Environment to Avoid Intrusions, Software Engineering for Resilient Systems, pp.145-155, 2011.
DOI : 10.1007/978-3-540-39871-4_14
, On the Effectiveness of Software Diversity: A Systematic Study on Real-World Vulnerabilities, Detection of Intrusions and Malware, and Vulnerability Assessment, pp.127-146, 2009.
DOI : 10.1007/11663812_3
, N-version design versus one good version, IEEE Software, vol.14, issue.6, pp.71-76, 1997.
DOI : 10.1109/52.636672
URL : http://kar.kent.ac.uk/21442/1/N-version_Design_vs._One_Good_Version.pdf
, Adding Standardized Variability to Domain Specific Languages, 2008 12th International Software Product Line Conference, pp.139-148, 2008.
DOI : 10.1109/SPLC.2008.25
, Modeling product line architectures through change sets and relationships, Proceedings of the 29th international conference on Software Engineering, pp.189-198, 2007.
, Survivability through customization and adaptability: the Cactus approach, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00, pp.294-307, 2000.
DOI : 10.1109/DISCEX.2000.825033
, Profile-guided automated software diversity, Proceedings of the 2013 IEEE/ACM International Symposium on Code Generation and Optimization (CGO), 2013.
DOI : 10.1109/CGO.2013.6494997
, Compiler-Generated Software Diversity, Moving Target Defense, pp.77-98, 2011.
DOI : 10.1007/978-1-4614-0977-9_4
, The Superdiversifier: Peephole Individualization for Software Protection, Advances in Information and Computer Security, pp.100-120, 2008.
DOI : 10.1007/978-3-540-89598-5_7
, Moving Target Defense, 2011.
, Reifying configuration management for object-oriented software, Proceedings of the 20th International Conference on Software Engineering, pp.240-249, 1998.
DOI : 10.1109/ICSE.1998.671133
, Automatic mining of functionally equivalent code fragments via random testing, Proceedings of the eighteenth international symposium on Software testing and analysis, ISSTA '09, pp.81-92, 2009.
DOI : 10.1145/1572272.1572283
, Review and analysis of synthetic diversity for breaking monocultures, Proceedings of the 2004 ACM workshop on Rapid malcode, pp.23-32, 2004.
, Featureoriented domain analysis (FODA) feasibility study, 1990.
, Cost of software design diversity an empirical evaluation, Proceedings 10th International Symposium on Software Reliability Engineering (Cat. No.PR00443), pp.242-247, 1999.
DOI : 10.1109/ISSRE.1999.809329
, Countering code-injection attacks with instruction-set randomization, Proceedings of the 10th ACM conference on Computer and communications security (CCS '03, pp.272-280, 2003.
, Implementing design diversity to achieve fault tolerance. Software, pp.61-71, 1991.
, A survey of randomization techniques against common mode attacks, 2005.
, An experimental evaluation of the assumption of independence in multi-version programming*, 1986.
, Genesis: A Framework for Achieving Software Component Diversity, 2007.
, Survivability Architectures: Issues and Approaches, DARPA Information Survivability Conference and Exposition, 1157.
, Comparing the robustness of POSIX operating systems, Digest of Papers. Twenty-Ninth Annual International Symposium on Fault-Tolerant Computing (Cat. No.99CB36352), pp.30-37, 1999.
DOI : 10.1109/FTCS.1999.781031
, SoK: Automated Software Diversity, 2014 IEEE Symposium on Security and Privacy, pp.276-291, 2014.
DOI : 10.1109/SP.2014.25
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.685.845
, An analysis of the variability in forty preprocessor-based software product lines, Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering, ICSE '10, pp.105-114, 2010.
DOI : 10.1145/1806799.1806819
, Polymorphing Software by Randomizing Data Structure Layout, Detection of Intrusions and Malware, and Vulnerability Assessment, pp.107-126, 2009.
DOI : 10.1007/978-3-540-87403-4_1
, Conceptual modeling of coincident failures in multiversion software. Software Engineering, IEEE Transactions on, vol.15, issue.12, pp.1596-1614, 1989.
, Modeling software design diversity: a review, ACM Computing Surveys, vol.33, issue.2, pp.177-208, 2001.
DOI : 10.1145/384192.384195
, Reasoning about the Reliability of Diverse Two-Channel Systems in Which One Channel Is "Possibly Perfect", IEEE Transactions on Software Engineering, vol.38, issue.5, pp.1178-1194, 2012.
DOI : 10.1109/TSE.2011.80
, Diverse firewall design. Parallel and Distributed Systems, IEEE Transactions on, vol.19, issue.9, pp.1237-1251, 2008.
, Software Self-Healing Using Collaborative Application Communities, NDSS, 2006.
, A taxonomy of self-modifying code for obfuscation, Computers & Security, vol.30, issue.8, pp.679-691, 2000.
DOI : 10.1016/j.cose.2011.08.007
, Frequencydependent selection predicts patterns of radiations and biodiversity, PLoS computational biology, vol.6, issue.8, 2010.
, Empirical Evidence of Large-Scale Diversity in API Usage of Object-Oriented Software http://www.monperrus.net/martin/ diversity-api-usage.pdf G. Merckx Software security through targetted diversification, Proceedings of the IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM), 2006.
, Object-oriented software construction, 1988.
, A design diversity metric and reliability analysis for redundant systems, International Test Conference 1999. Proceedings (IEEE Cat. No.99CH37034), pp.662-671, 1999.
DOI : 10.1109/TEST.1999.805794
, An Aspect-Oriented and Model-Driven Approach for Managing Dynamic Variability, Model driven engineering languages and systems, pp.782-796, 2008.
DOI : 10.1007/978-3-540-87875-9_54
URL : https://hal.archives-ouvertes.fr/inria-00468232
, Security through redundant data diversity, 2008 IEEE International Conference on Dependable Systems and Networks With FTCS and DCC (DSN), pp.187-196, 2008.
DOI : 10.1109/DSN.2008.4630087
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.143.3455
, Modeling of correlated failures and community error recovery in multiversion software. Software Engineering, IEEE Transactions on, vol.16, issue.3, pp.350-359, 1990.
, CloudAV: N-Version Antivirus in the Network CloudCloudAV-sec08.pdf A On achieving software diversity for improved network security using distributed coloring algorithms, USENIX Security Symposium Proceedings of the 11th ACM Conference on Computer and Communications Security ED4I: error detection by diverse data and duplicated instructions. Computers, IEEE Transactions on 51, pp.91-106, 2002.
, Software diversity: practical statistics for its measurement and exploitation. Information and software technology 39, pp.707-717, 1997.
DOI : 10.1016/s0950-5849(97)00023-2
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.45.111
, Software product line engineering: foundations, principles, and techniques, 2005.
DOI : 10.1007/3-540-28901-1
, An Empirical Study of the Effectiveness of "Forcing" Diversity Based on a Large Population of Diverse Programs, 2012 IEEE 23rd International Symposium on Software Reliability Engineering, pp.41-50, 2012.
DOI : 10.1109/ISSRE.2012.27
, The reliability of diverse systems: a contribution using modelling of the fault creation process, Proceedings International Conference on Dependable Systems and Networks, pp.5-14, 2001.
DOI : 10.1109/DSN.2001.941385
, Dual ecological measures of focus in software development, 2013 35th International Conference on Software Engineering (ICSE), pp.452-461, 2013.
DOI : 10.1109/ICSE.2013.6606591
, System structure for software fault tolerance. Software Engineering, IEEE Transactions on, vol.2, pp.220-232, 1975.
DOI : 10.1007/978-1-4612-6315-9_26
URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.2.578
, When does "Diversity" in Development Reduce Common Failures? Insights from Probabilistic Modelling, 2014.
, Reverse stack execution in a multi-variant execution environment, Workshop on Compiler and Architectural Techniques for Application Reliability and Security, 2008.
, Orchestra, Proceedings of the fourth ACM european conference on Computer systems, EuroSys '09, pp.33-46, 2009.
DOI : 10.1145/1519065.1519071
, Runtime defense against code injection attacks using replicated execution. Dependable and Secure Computing, IEEE Transactions on, vol.8, issue.4, pp.588-601, 2011.
DOI : 10.1109/tdsc.2011.18
, Delta-Oriented Programming of Software Product Lines, Software Product Lines: Going Beyond, pp.77-91, 2010.
DOI : 10.1007/978-3-642-15579-6_6
, Software diversity: state of the art and perspectives, International Journal on Software Tools for Technology Transfer, vol.343, issue.3, pp.477-495, 2012.
DOI : 10.1007/s10009-012-0253-y
URL : https://hal.archives-ouvertes.fr/hal-00723754
, Software Mutational Robustness and Proactive Diversity University of New Mexico, pp.1-32, 2011.
, Managing performance vs. accuracy trade-offs with loop perforation, Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineering, SIGSOFT/FSE '11, pp.124-134, 2011.
DOI : 10.1145/2025113.2025133
, COTS Diversity Based Intrusion Detection and Application to Web Servers, Recent Advances in Intrusion Detection, pp.43-62, 2006.
DOI : 10.1007/11663812_3
URL : https://hal.archives-ouvertes.fr/hal-00356396
, A comprehensive model for software rejuvenation. Dependable and Secure Computing, IEEE Transactions on, vol.2, issue.2, pp.124-137, 2005.
, The Effectiveness of Software Diversity in a Large Population of Programs, IEEE Transactions on Software Engineering, vol.34, pp.753-764, 2008.
, Building product populations with software components, Proceedings of the 24th international conference on Software engineering , ICSE '02, pp.255-265, 2002.
DOI : 10.1145/581372.581373
, On the variation and specialisation of workload???A case study of the Gnome ecosystem community, Empirical Software Engineering, vol.743, issue.1, pp.1-54, 2013.
DOI : 10.1007/s10664-013-9244-1
, Protection of software-based survivability mechanisms, Proc. of the Int. Conf. on Dependable Systems and Networks (DSN). IEEE, pp.193-202, 2001.
, Design and implementation of Acceptance Monitor for building intrusion tolerant systems, Software: Practice and Experience, vol.7, issue.14, pp.1399-1417, 2003.
DOI : 10.1002/spe.554
, Supporting diversity with component frameworks as architectural elements, Software Engineering Proceedings of the 2000 International Conference on, pp.51-60, 2000.
, Security through Diversity: Leveraging Virtual Machine Technology, IEEE Security & Privacy Magazine, vol.7, issue.1, pp.26-33, 2009.
DOI : 10.1109/MSP.2009.18
, Transparent runtime randomization for security, Proceedings of the International Symposium on Reliable Distributed Systems, pp.260-269, 2003.
, Experimental analysis of specification language diversity impact on {NPP} software diversity, Journal of Systems and Software, vol.62, issue.2, pp.111-122, 2002.
, Revisiting statechart synthesis with an algebraic approach, Proceedings. 26th International Conference on Software Engineering, pp.242-251, 2004.
DOI : 10.1109/ICSE.2004.1317446
URL : https://hal.archives-ouvertes.fr/hal-00795027