Encryption Source Normalization Method for Mimic System

Abstract

Although the mimic system can effectively defend against known or unknown vulnerabilities / backdoor attacks, some encryption protocols such as SSH will produce different encryption results on different executors, even with the same processor, the same operating system, the same encryption protocol and the same plaintext, which leads to difficulty in output arbitration. To solve this problem, this paper proposes an encryption source normalization method, which can make different executors generate same ciphertext by normalizing the source of the random number and synchronizing the length of output data, so that the output of heterogeneous executers can be successfully arbitrated by the scheduler. This method is verified by experiments using SSH protocol. Test results show that this method can effectively solve the encryption problem of mimic system.