 |
|
DAILY NEWS AND INFORMATION
FOR THE GLOBAL GRID COMMUNITY /
|
Special Features:
TAKING CUES FROM MOTHER NATURE TO
FOIL CYBER ATTACKS
Taking their cues from Mother Nature and biodiversity, computer scientists
at
Carnegie Mellon University and the University of New Mexico are collaborating
on a National Science Foundation (NSF)-supported project to study "cyber
diversity" for computer systems as a way to fend off malicious viruses, worms
and other cyber attacks.
In nature, diseases are most devastating when an infection-causing organism
encounters a "monoculture," a vast swath of genetically similar individuals,
each susceptible to the organism's method of attack. In the same vein,
computer viruses and worms exploit the same flaw on every computer running the
same software.
"We are looking at computers the way a physician would look at genetically-
related patients, each susceptible to the same disorder," said Mike Reiter, a
professor of electrical and computer engineering and computer science at
Carnegie Mellon and associate director of CyLab, a Carnegie Mellon initiative
focused on advancing cybersecurity technology and education. "In a more
diverse population, one member may fall victim to a pathogen or disorder,
while another might not have the same vulnerability."
"Our project seeks to reduce computer vulnerability by automatically
changing
certain aspects of a computer's software," said Dawn Song, an assistant
professor of electrical and computer engineering and computer science at
Carnegie Mellon. "Adapting this idea in biology to computers may not make an
individual computer more resilient to attack, but it aims to make the whole
population of computers more resilient in aggregate."
The existence of the same flaw on many computers is routinely exploited by
attackers via Internet worms such as Code Red, which infected over 350,000
systems in just 13 hours using a single vulnerability.
Earlier approaches toward diversity in software attempted to develop
different
versions of the same software by independent teams, the idea being that the
versions would naturally evolve different sets of vulnerabilities. However,
such a manual approach is economically expensive and takes a long time, the
researchers said.
"We are investigating various new methods for automating the diversity
process
at different system levels," said Stephanie Forrest, professor of computer
science at New Mexico. "Our automated approach has the potential to be more
economical and could introduce more diversity into computer systems."
Attackers would then have less information about individual computers and
would have to approach each computer differently.
"This work, bridging technical disciplines and taking the economics of
security solutions into account, represents the kind of innovative thinking
that NSF's Cyber Trust program hopes to stimulate in the research community,"
said Carl Landwehr, NSF program director.
The Carnegie Mellon and New Mexico collaboration is supported by a $750,000
award from NSF, the independent federal agency that supports fundamental
research and education across all fields of science and engineering.
|