Toronto Networking Seminar

Application Communities: A Collaborative Approach To Software Security

Angelos Keromytis
Department of Computer Science
Columbia University

Date:  Friday, September 29,  3pm
Location: BA1170 (Bahen Center)


Software monocultures are usually considered dangerous because their size and uniformity represent the potential for costly and widespread damage. The emerging concept of collaborative security provides the opportunity to re-examine the utility of software monoculture by exploiting the homogeneity and scale that typically define large software monocultures. Monoculture can be leveraged to improve an application's overall security and reliability. We introduce and explore the concept of Application Communities: collections of large numbers of independent instances of the same application. Members of an application community share the burden of monitoring for flaws and attacks, and notify the rest of the community when such are detected. Appropriate mitigation mechanisms are then deployed against the newly discovered fault. In this talk, I will describe the concept of Application Communities, some of their basic operational parameters, and our preliminary work in demonstrating their feasibility.


Angelos Keromytis is an Associate Professor with the Department of Computer Science at Columbia University, and director of the Network Security Laboratory. He received his B.Sc. in Computer Science from the University of Crete, Greece, and his M.Sc. and Ph.D. from the Computer and Information Science (CIS) Department, University of Pennsylvania. He is the author and co-author of more than 100 papers on refereed conferences and journals. He recently co-authored a book on using graphics cards for security, and is a founder of Revive Systems Inc. His current research interests revolve around systems and network security, and cryptography. His recent work has been on self-healing software. Previous research interests include active networks, trust management systems, and systems issues involving hardware cryptographic acceleration. For a full CV, see