K-Variant Architecture to Improve Security of Web Services and Applications

The Universal Digital Repository

Browse By:

K-Variant Architecture to Improve Security of Web Services and Applications

Bekiroglu, Berk (2022) K-Variant Architecture to Improve Security of Web Services and Applications. European Journal of Computer Science and Information Technology, 10 (2). pp. 1-17. ISSN 2054-0957 (Print), 2054-0965 (Online)

[thumbnail of K-Variant Architecture.pdf]

Text
K-Variant Architecture.pdf - Published Version
Available under License Creative Commons Attribution Non-commercial No Derivatives.
Download (692kB)

Official URL: https://www.eajournals.org/

Abstract

The K-variant is a multi-variant architecture to improve security against memory exploitation attacks. Unlike other multi-execution architectures, variants in the K-variant architecture are generated by program transformations at the source code level. Because variant generation processes can be automated, the cost of systems has significantly decreased compared to similar architectures such as N-version. Multi-execution architectures were designated to improve the security of the mission and safety-critical systems. However, to meet the high-security requirements of organizations and companies, multi-execution architectures have been utilized to enhance the security of web services and applications. The increasing number of memory-related vulnerabilities in web servers and services makes systems vulnerable to memory exploitation attacks. The K-variant architecture can provide statistical security for memory exploitation attacks by providing a diversity of critical data in memory. In this paper, the design of a K-variant architecture for web services and applications is proposed. Also, different levels of diversities in K-variant systems are discussed in the implementation of the K-variant architecture.

Item Type:	Article
Uncontrolled Keywords:	K-variant architecture, design diversity, memory exploitation attacks, secure web services, and applications
Subjects:	Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Depositing User:	Professor Mark T. Owen
Date Deposited:	09 Apr 2022 16:37
Last Modified:	09 Apr 2022 16:37
URI:	https://tudr.org/id/eprint/297

Actions (login required)

: View Item

UNSPECIFIED UNSPECIFIED

CORE (COnnecting REpositories)