The Biology of Network Security
Bob Brown writes "A University of New Mexico researcher is taking lessons from biology and using them to try to stymie hackers and viruses. Projects such as RISE attempt to secure computers and networks by promoting application diversity." From the article: "Diversity of systems and applications can play a key role in safeguarding computers and networks from malicious attacks, Forrest said. Her team published a paper last year on a system dubbed RISE (Randomized Instruction Set Emulation) (PDF) that randomizes an application's machine code to stymie would-be attacks, such as those launched via binary code injection."
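A toy illustration of the instruction-set randomization idea described in the summary above, added here as an example and not taken from the article or the RISE paper. The four-opcode bytecode, the XOR key scheme and every name in it are assumptions made for illustration; RISE itself operates on real machine code inside an emulator.

```python
import secrets

# Toy opcodes, constructed for this example (not RISE's real instruction set).
PUSH, ADD, RET, SYS = 0x01, 0x02, 0x03, 0x04  # SYS: the effect injected code wants

class Fault(Exception):
    """Raised when the fetched bytes do not decode to a runnable program."""

def scramble(code: bytes, key: bytes) -> bytes:
    """Load-time step: XOR each code byte with the per-process key."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(code))

def run(memory: bytes, key: bytes):
    """Emulator loop: every fetched byte is descrambled before decoding."""
    stack, pc = [], 0
    try:
        while True:
            op = memory[pc] ^ key[pc % len(key)]
            if op == PUSH:
                stack.append(memory[pc + 1] ^ key[(pc + 1) % len(key)])
                pc += 2
            elif op == ADD:
                stack.append(stack.pop() + stack.pop())
                pc += 1
            elif op == RET:
                return stack.pop()
            elif op == SYS:
                return "SYS executed"
            else:
                raise Fault(f"illegal opcode {op:#04x} at {pc}")
    except IndexError:  # ran off the end of memory or popped an empty stack
        raise Fault("descrambled bytes are not a valid program") from None

def injection_survives(payload: bytes, key: bytes) -> bool:
    """True if raw (unscrambled) injected bytes still reach SYS under this key."""
    try:
        return run(payload, key) == "SYS executed"
    except Fault:
        return False

PROGRAM = bytes([PUSH, 2, PUSH, 3, ADD, RET])  # legitimate code: 2 + 3
PAYLOAD = bytes([SYS])                         # constructed stand-in for injected code

if __name__ == "__main__":
    key = secrets.token_bytes(16)              # fresh key each time the process starts
    print("legitimate:", run(scramble(PROGRAM, key), key))
    print("injected survives:", injection_survives(PAYLOAD, key))
    hits = sum(injection_survives(PAYLOAD, bytes([k])) for k in range(256))
    print(f"1-byte keys that let the payload through: {hits}/256")
```

The last line enumerates every one-byte key to show that only the all-zero key (no randomization) lets the raw payload decode as intended, which is why the protection depends on the key being long and secret.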
Unfortunately, no. The "new" kind of infectors don't aim at killing the host. They just want to "milk" it. They want its processing power, its connection speed, its information and its user's credit card number.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
As for mutation aka polymorphism (she talks about this at the end of TFA), doesn't she know about viruses having built-in mutators? And metamorphic code does almost the exact same thing she's talking about in RISE.
[Fuck Beta]
o0t!
"This is a little tricky because we don't want to make everyone write their own operating system or e-mail reader from scratch or even learn a new interface," Forrest said.
Speak for yourself, this is a lifelong obsession.
A wise man once said - 'Never connect to the internet and your troubles will be few.'
He who knows best knows how little he knows. - Thomas Jefferson
So, what happens when someone finds a way to either a) run code right on the hardware and bypass the virtualization, or b) finds some small snippet of code (a binary prion, perhaps?) that plays hell with this RISE? I mean.... Mad Cow Disease is a prion.... Mad Computer Disease next?
-- "It's tough to run with both feet stuck in your mouth" - Zoe's evil side
Depends how big the differences are.
Take for example address space randomization (part of execshield). I'll quote Red Hat's explanation of it (as it's quite good): Protects against many buffer overflow attacks (regardless of the hardware), with no cost to your 'standardized environment'.
Pity Windows & macOS don't have something similar.
There are shills on slashdot. Apparently, I'm one of them.