A Security Enhancement For Transparent Runtime Protection Against Code Injection Attacks
Intrusion detection systems plays a Vital role in detecting the attacks before they can compromise softwares. Multi-variant execution is an intrusion detection mechanism which executes slightly different several versions, called variants, of the same program in lockstep fashion. The variants usually have identical behavior under normal execution conditions. Though, when the variants are under attack, there are detectable differences in their execution behavior. At runtime process, a monitor compares the behavior of the variants at definite synchronization points and raises an alarm when a discrepancy is detected.