Newswise — Taking their cues from Mother Nature and biodiversity, computer scientists at Carnegie Mellon University and the University of New Mexico are collaborating on a National Science Foundation (NSF)-supported project to study "cyber-diversity" for computer systems as a way to fend off malicious viruses, worms and other cyber attacks.
In nature, diseases are most devastating when an infection-causing organism encounters a "monoculture," a vast swath of genetically similar individuals, each susceptible to the organism's method of attack. In the same vein, computer viruses and worms exploit the same flaw on every computer running the same software.
"We are looking at computers the way a physician would look at genetically related patients, each susceptible to the same disorder,'' said Mike Reiter, a professor of electrical and computer engineering and computer science at Carnegie Mellon and associate director of CyLab, a Carnegie Mellon initiative focused on advancing cybersecurity technology and education. "In a more diverse population, one member may fall victim to a pathogen or disorder, while another might not have the same vulnerability.''
"Our project seeks to reduce computer vulnerability by automatically changing certain aspects of a computer's software," said Dawn Song, an assistant professor of electrical and computer engineering and computer science at Carnegie Mellon. "Adapting this idea in biology to computers may not make an individual computer more resilient to attack, but it aims to make the whole population of computers more resilient in aggregate."
The existence of the same flaw on many computers is routinely exploited by attackers via Internet worms such as Code Red, which infected over 350,000 systems in just 13 hours using a single vulnerability.
Earlier approaches toward diversity in software attempted to develop different versions of the same software by independent teams, the idea being that the versions would naturally evolve different sets of vulnerabilities. However, such a manual approach is economically expensive and takes a long time, the researchers said.
"We are investigating various new methods for automating the diversity process at different system levels," said Stephanie Forrest, professor of computer science at New Mexico. "Our automated approach has the potential to be more economical and could introduce more diversity into computer systems." Attackers would then have less information about individual computers and would have to approach each computer differently.
"This work, bridging technical disciplines and taking the economics of security solutions into account, represents the kind of innovative thinking that NSF's Cyber Trust program hopes to stimulate in the research community," said Carl Landwehr, NSF program director. The Carnegie Mellon and New Mexico collaboration is supported by a $750,000 award from NSF, the independent federal agency that supports fundamental research and education across all fields of science and engineering.
The National Science Foundation is an independent federal agency that supports fundamental research and education across all fields of science and engineering, with an annual budget of nearly $5.3 billion. National Science Foundation funds reach all 50 states through grants to nearly 2,000 universities and institutions. Each year, NSF receives about 30,000 competitive requests for funding, and makes about 10,000 new funding awards. The National Science Foundation also awards over $200 million in professional and service contracts yearly.
Receive official National Science Foundation news electronically through the e-mail delivery system, NSFnews. To subscribe, send an e-mail message to email@example.com. In the body of the message, type "subscribe nsfnews" and then type your name. (Ex.: "subscribe nsfnews John Smith" )
Useful National Science Foundation Web Sites
NSF Home Page: http://www.nsf.gov/
News Highlights: http://www.nsf.gov/od/lpa
Science Statistics: http://www.nsf.gov/sbe/srs/stats.htm
Awards Searches: http://www.fastlane.nsf.gov/a6/A6Start.htm