dMVX: Secure and Efficient Multi-Variant Execution in a Distributed Setting

TL;DR

dMVX introduces a hybrid distributed multi-variant execution system that significantly reduces performance overhead by selectively monitoring system calls and caching I/O operations, enhancing security and efficiency.

Contribution

It presents a novel hybrid design for distributed MVX systems that minimizes network overhead through selective monitoring and caching techniques.

Findings

Reduces performance overhead from over 50% to 3.1% in server benchmarks.

Effectively limits monitoring to security-critical system calls.

Achieves secure, efficient multi-variant execution in distributed environments.

Abstract

Multi-variant execution (MVX) systems amplify the effectiveness of software diversity techniques. The key idea is to run multiple diversified program variants in lockstep while providing them with the same input and monitoring their run-time behavior for divergences. Thus, adversaries have to compromise all program variants simultaneously to mount an attack successfully. Recent work proposed distributed, heterogeneous MVX systems that leverage different ABIs and ISAs to increase the diversity between program variants further. However, existing distributed MVX system designs suffer from high performance overhead due to time-consuming network transactions for the MVX system's operations. This paper presents dMVX, a novel hybrid distributed MVX design, which incorporates new techniques that significantly reduce the overhead of MVX systems in a distributed setting. Our key insight is that we can intelligently reduce the MVX operations that use expensive network transfers. First, we can limit the monitoring of system calls that are not security-critical. Second, we observe that, in many circumstances, we can also safely cache or avoid replication operations needed for I/O related system calls. Our evaluation shows that dMVX reduces the performance degradation from over 50% to 3.1% for realistic server benchmarks.