
Frederick P. Brooks, Jr. Kenan Professor & Department Founder

Frederick P. Brooks, Jr. Kenan Professor & Department Founder. Some Things that Computer Science can Learn from Nature. Mike Reiter Lawrence M. Slifkin Distinguished Professor Department of Computer Science University of North Carolina at Chapel Hill. Natural Science and Computer “Science”.


Presentation Transcript


  1. Frederick P. Brooks, Jr. Kenan Professor & Department Founder

  2. Some Things that Computer Science can Learn from Nature Mike Reiter Lawrence M. Slifkin Distinguished Professor Department of Computer Science University of North Carolina at Chapel Hill

  3. Natural Science and Computer “Science” • Natural science: any of the sciences (e.g., physics, chemistry, or biology) that deal with matter, energy, and their interrelations and transformations • In contrast, computer science is a “formal science” • Some have even argued that computer science is not a science at all • Computer Science derived from math and engineering primarily, not from the natural sciences • Numerous qualitative differences have been suggested, mostly deriving from their objects of study

  4. [Diagram, credited to Mowry; labels: Computer Science; Tools; Used to Improve; Computing (i.e. writing & running code); Computers; Everything Else (e.g., Medicine, Entertainment, Business, Safety, Science, etc.); Mathematical Reasoning]

  5. [Same diagram, credited to Mowry; labels: Computer Science; Tools; Used to Improve; Computing (i.e. writing & running code); Computers; Everything Else (e.g., Medicine, Entertainment, Business, Safety, Science, etc.); Mathematical Reasoning; Systems; Theory; Applications]

  6. [Same diagram, credited to Mowry; labels: Computer Science; Tools; Used to Improve; Computing (i.e. writing & running code); Computers; Everything Else (e.g., Medicine, Entertainment, Business, Safety, Science, etc.)]

  7. Computing Systems vs. Natural Systems • “Natural systems are much more complex than computers.” • Just because we built computers doesn’t mean we understand them

  8. Computing Systems vs. Natural Systems • “Natural systems adapt.” [Chart: Attack Sophistication vs. Intruder Knowledge, 1990 to 2004. Labelled techniques: email propagation of malicious code; DDoS attacks; “stealth”/advanced scanning techniques; increase in worms; sophisticated command & control; widespread attacks using NNTP to distribute attack; widespread attacks on DNS infrastructure; anti-forensic techniques; executable code attacks (against browsers); home users targeted; automated widespread attacks; GUI intruder tools; distributed attack tools; hijacking sessions; increase in wide-scale Trojan horse distribution; Internet social engineering attacks; widespread denial-of-service attacks; Windows-based remote controllable Trojans (Back Orifice); techniques to analyze code for vulnerabilities without source code; automated probes/scans; packet spoofing]

  9. Computing Systems vs. Natural Systems • This is not a depiction of any biological phenomenon • It’s the geographic spread of Sapphire worm 30 minutes after release Source: http://www.caida.org

  10. Can CS Learn from Nature? • Modularity

  11. Can CS Learn from Nature? • Diversity

  12. Can CS Learn from Nature? • Redundancy

  13. Modularity • Decomposing a system into components separated by narrow interfaces at which access control is applied • Often separation is enforced by physical constraints • Modularity  least privilege (in my view) • Can be thought of as a method of damage containment

  14. Modularity: Trusted Computing Base (TCB) [Diagram of two platform stacks side by side; labels: App 1 … App; S; OS; Shim; DMA Devices (Network, Disk, USB, etc.); CPU, RAM; TPM, Chipset]

  15. Modularity: TPM Background • The Trusted Platform Module (TPM) is a dedicated security chip • It can provide an attestation to remote parties • Platform Configuration Registers (PCRs) summarize the computer’s software state • PCR_Extend(N, V): PCR_N ← SHA-1(PCR_N | V) • TPM provides a signature over PCR values • TPM spec v1.2 includes dynamic PCRs • Values can be reset without a reboot

  16. Modularity: Late Launch Background • Supported by new commodity CPUs • SVM for AMD • TXT (formerly LaGrande) for Intel • Designed to launch a VMM without a reboot • Hardware-based protections ensure launch integrity • New CPU instruction (SKINIT/SENTER) accepts a memory region as input and atomically: • Resets dynamic PCRs • Disables interrupts • Extends a measurement of the region into PCR 17 • Begins executing at the start of the memory region

  17. Modularity: The Flicker System [w/ McCune, Parno, Perrig, and Seshadri] • Core technique • Pause current execution environment • Execute security-sensitive code with hardware-enforced isolation • Resume previous execution • Extensions • Preserve state securely across invocations • Attest only to code execution and protection • Establish secure communication with remote parties

  18. Modularity: Flicker Execution Flow [Diagram; labels: App; OS; Module; RAM; S; Shim; SKINIT; Reset; Inputs; Outputs; CPU; TPM; PCRs: 0 0 0 …; K-1]

  19. Modularity: Flicker Attestation [Diagram; labels: S; Shim; Inputs; Outputs; TPM; PCRs: …; K-1]

  20. Modularity: Flicker Attestation [Diagram; labels: TPM; PCRs: 0 0 0 …; “What code did you run?”; S; Shim; Inputs; Outputs; Sign( , ); K-1]

  21. Diversity • Studied first in the reliability community • Goal: Promote failure independence between program versions • Manual variant creation by different teams does not necessarily provide fault independence [Knight & Leveson 1986, Littlewood et al., 1989] • More recently studied in security community • Goal: Increase attacker’s effort to compromise systems • Has been studied at O/S level, operator/user interface, and others [Forrest et al. 1997, Deswarte et al. 1998; Bain et al. 2000 …] • Still an active topic of investigation • Ex: “Diversity as a computer defense mechanism: A panel” at the New Security Paradigms Workshop (NSPW) 2005

  22. Diversity: Behavioral Distance [w/ Gao & Song] • “Behavioral distance” is a measurement of the extent to which the system calls indicate similar simultaneous behavior • A compromise of one variant causes divergence from the other variant [Diagram; labels: System calls; Apache Web Server; Abyss Web Server; Windows; Linux]

  23. Diversity: Behavioral Distance • Diverse Platform (Windows and Linux) • The same system call number in two sequences is not really the “same” • System calls may not have a one-to-one correspondence • System call sequences may have different lengths • Diverse Implementation (Apache and Abyss) • Difficult to map individual system calls between two sequences • Experimented with two approaches • Evolutionary distance, originally proposed to evaluate whether two DNA sequences derive from a common ancestral sequence • Hidden Markov models

  24. Diversity: Hidden Markov Models [Diagram: states q1, q2, q3 with transition and emission probabilities]

  25. Diversity: Hidden Markov Model for Behavioral Distance • “-” represents a dummy symbol [Diagram values: - - 12 7 6 - 155 76 8 274]

  26. Diversity: Elements of the Hidden Markov Model • Once the HMM is trained, the probability that the HMM would have produced an observed sequence can be used to detect intrusions

  27. How Far Does the Analogy Go? • These examples show how we can learn strategies for survival from natural systems • I believe these examples are just a sample of what we can learn from nature about managing systems that we don’t understand • Even if we built them ourselves! • There’s also plenty of room for doubt • Clearly nature has its failures (extinct species, global warming, …) • The tactics (implementations) are quite different • But I hope I’ve encouraged you to think about computer science in the broader context of all sciences, and to look for new opportunities at their intersections
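
The PCR arithmetic behind slides 15 to 20, as an added example that is not part of the presentation or the Flicker code: a verifier recomputes the value PCR 17 should hold after a late launch and compares it with the reported one. The order of extends after the launch (inputs, then outputs), the function names and the sample data are assumptions, and the TPM's signature over the PCR value is left out.

```python
import hashlib
import hmac

PCR_LEN = 20  # TPM v1.2 PCRs hold one SHA-1 digest


def measure(blob: bytes) -> bytes:
    """SHA-1 measurement of a code region or data buffer."""
    return hashlib.sha1(blob).digest()


def pcr_extend(pcr: bytes, value: bytes) -> bytes:
    """PCR_Extend(N, V): PCR_N <- SHA-1(PCR_N | V)."""
    if len(pcr) != PCR_LEN or len(value) != PCR_LEN:
        raise ValueError("PCR and extended value must be 20-byte digests")
    return hashlib.sha1(pcr + value).digest()


def late_launch(region: bytes) -> bytes:
    """PCR 17 after SKINIT/SENTER: reset to zero, then extend the region's measurement."""
    return pcr_extend(bytes(PCR_LEN), measure(region))


def flicker_pcr17(region: bytes, inputs: bytes, outputs: bytes) -> bytes:
    """Assumed order: code measurement, then inputs, then outputs."""
    pcr = late_launch(region)
    for blob in (inputs, outputs):
        pcr = pcr_extend(pcr, measure(blob))
    return pcr


def verify(reported: bytes, trusted_region: bytes, inputs: bytes, outputs: bytes) -> bool:
    """Verifier recomputes the chain from the code it expects to have run."""
    expected = flicker_pcr17(trusted_region, inputs, outputs)
    return hmac.compare_digest(expected, reported)


# Constructed sample data (not from the presentation).
GOOD = b"shim+module-S v1"
TAMPERED = b"shim+module-S v1 (patched)"
INPUTS, OUTPUTS = b"nonce=42", b"result=ok"

if __name__ == "__main__":
    quote = flicker_pcr17(GOOD, INPUTS, OUTPUTS)
    print(verify(quote, GOOD, INPUTS, OUTPUTS))            # genuine run
    print(verify(flicker_pcr17(TAMPERED, INPUTS, OUTPUTS),
                 GOOD, INPUTS, OUTPUTS))                   # other code ran
    print(verify(quote, GOOD, INPUTS, b"result=forged"))   # outputs altered
```

Because each extend hashes the previous register value, the final PCR commits to the code, the inputs and the outputs in that order, so none of them can be swapped after the fact without changing the value the TPM signs.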
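
The detection step from slides 25 and 26, as an added example that is not the authors' implementation: a small HMM emits pairs of system calls (one per variant, with “-” as the dummy symbol), and the forward algorithm scores how likely an observed pair sequence is. It assumes the two traces are already aligned into pairs; the model parameters, call names, floor probability and threshold are constructed for illustration.

```python
import math

DUMMY = "-"  # dummy symbol: one variant made a call with no counterpart
STATES = ("q1", "q2")
# Constructed parameters standing in for a trained model.
START = {"q1": 0.9, "q2": 0.1}
TRANS = {"q1": {"q1": 0.7, "q2": 0.3}, "q2": {"q1": 0.4, "q2": 0.6}}
EMIT = {  # P((Linux call, Windows call) | state)
    "q1": {("open", "NtOpenFile"): 0.6, ("read", "NtReadFile"): 0.3,
           ("close", DUMMY): 0.1},
    "q2": {("read", "NtReadFile"): 0.2, ("write", "NtWriteFile"): 0.5,
           (DUMMY, "NtClose"): 0.2, ("close", "NtClose"): 0.1},
}
FLOOR = 1e-6      # probability given to pairs never seen in training
THRESHOLD = 3.0   # constructed; in practice chosen from benign traces


def log_likelihood(pairs):
    """Scaled forward algorithm: log P(pairs | HMM)."""
    logp, alpha = 0.0, None
    for obs in pairs:
        if alpha is None:
            prior = START
        else:
            prior = {s: sum(alpha[r] * TRANS[r][s] for r in STATES) for s in STATES}
        alpha = {s: prior[s] * EMIT[s].get(obs, FLOOR) for s in STATES}
        norm = sum(alpha.values())
        logp += math.log(norm)
        alpha = {s: a / norm for s, a in alpha.items()}  # rescale to avoid underflow
    return logp


def distance(pairs):
    """Negative log-likelihood per emitted pair; higher means less alike."""
    return -log_likelihood(pairs) / len(pairs)


def diverged(pairs):
    """True when the variants' joint behaviour is too unlikely under the model."""
    return distance(pairs) > THRESHOLD


# Constructed traces of the two variants serving the same request.
BENIGN = [("open", "NtOpenFile"), ("read", "NtReadFile"),
          ("write", "NtWriteFile"), ("close", "NtClose")]
COMPROMISED = [("open", "NtOpenFile"), ("execve", DUMMY),
               ("socket", DUMMY), ("close", "NtClose")]

if __name__ == "__main__":
    for name, trace in (("benign", BENIGN), ("compromised", COMPROMISED)):
        print(name, round(distance(trace), 3), diverged(trace))
```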
