Diversity as defense
sgorman1 at gmu.edu
sgorman1 at gmu.edu
Mon Jan 19 20:35:22 UTC 2004
We've been seeing a bit of media attention of late to diversity as a technique to make networks more secure:
http://news.com.com/2009-7349_3-5140971.html?tag=nefd_lede
The usual suspect is Microsoft with 97% of OS's, but Cisco's 86% of the router market has been cited as well as SNMP vulnerabilities of two years ago. The diversity, monoculture and agricutlure analogy makes nice press, but how realistic is diversity as a defense. Is cost the biggest hurdle or limited avaiability of competitive products, or simply no bang for the buck by diversifying. We've run some simulations testing the effects of different levels of diversity, but wanted some feedback on feasibility.
http://arxiv.org/abs/cond-mat/0401017
Any comments, feedback or discussion would be greatly appreciated.
best,
sean
More information about the NANOG
mailing list