Computer security: Organisms stop infections spreading by being diverse. So can computer apps

Computer security: Organisms stop infections spreading by being diverse. So can computer apps

May 24th 2014 | From the print edition

ABOUT 1.3 billion people use one or other version of Microsoft’s Windows operating systems, and well over a billion have downloaded Mozilla’s Firefox web browser. Minor variations aside, every copy of these products—like all other mass-market software—has exactly the same bits in it. This makes such software a honeypot for hackers, who can write attack code that will cause precisely the same damage to, say, every copy of Windows 7 it infects. Worse, the bad guys can hone their attacks by practising on their own machines, confident that what they see will be what their victims get.

This computing monoculture—which also extends to the widespread use of particular pieces of hardware, such as microprocessors from Intel and ARM—has long been the bane of technologists. In the face of a near constant onslaught from hackers, antivirus software is frequently several steps behind the foe. Symantec, one of the commercial pioneers of online security, estimates that antivirus software now stops only 45% of attacks. The firm recently declared that this approach was “dead” and a new one was needed.

Michael Franz, a computer scientist at the University of California, Irvine, agrees. And he believes the answer is to learn from nature. Lots of species are composed of individuals which are, the occasional set of identical twins apart, all slightly different genetically from each other. Sexual reproduction ensures this. Indeed, it is probably the reason sex evolved in the first place, for it means that no bacterium or virus can wipe out an entire population, since some are almost certain to be genetically immune to any given pathogen.

Applying the idea of genetic diversity to software is not a new idea. High-security systems, such as the fly-by-wire programs used in aeroplanes, are designed from the outset with code that differs between installations. But this approach is too costly for large-scale use. Some mass-market software companies have instead introduced modest diversity to deter attackers, such as randomly choosing the starting addresses of big blocks of memory, but this is not enough to defeat a determined hacker.

Dr Franz is therefore taking a novel approach by tweaking the programs, called compilers, that convert applications written in languages such as C++ and Java into the machine code employed by a computer’s processor. Most compilers are designed to optimise things such as the speed of the resulting machine code. That leads to a single answer. Dr Franz’s “multicompiler” trades a bit of this optimality for diversity in the compiled code. This leeway, which diminishes the code’s speed of execution by an amount imperceptible to the user, enables a multicompiler to create billions of different, but functionally identical, interpretations of the original program. When a user requests a specific application from a cloud-based “app store”, the appropriate multicompiler in the store generates a unique version for him, thus making a hacker’s task nigh impossible.

Dr Franz has already built a prototype that can diversify programs such as Firefox and Apache Linux. Test attacks designed to take over computers running the resulting machine code always failed. The worst thing that happened was that the attack crashed the target machine, requiring a reboot. The rest of the time it simply had no perceptible effect.

Dr Franz puts the chance of a hacker successfully penetrating one of his randomised application programs at about one in a billion. No doubt these odds would shorten if his approach were taken up widely, for hackers are endlessly ingenious. But at the moment they mean that, if his system of multicompilers were used universally, any given hack would affect but a handful of the machines existing on the entire planet.

 

About bambooinnovator
Kee Koon Boon (“KB”) is the co-founder and director of HERO Investment Management which provides specialized fund management and investment advisory services to the ARCHEA Asia HERO Innovators Fund (www.heroinnovator.com), the only Asian SMID-cap tech-focused fund in the industry. KB is an internationally featured investor rooted in the principles of value investing for over a decade as a fund manager and analyst in the Asian capital markets who started his career at a boutique hedge fund in Singapore where he was with the firm since 2002 and was also part of the core investment committee in significantly outperforming the index in the 10-year-plus-old flagship Asian fund. He was also the portfolio manager for Asia-Pacific equities at Korea’s largest mutual fund company. Prior to setting up the H.E.R.O. Innovators Fund, KB was the Chief Investment Officer & CEO of a Singapore Registered Fund Management Company (RFMC) where he is responsible for listed Asian equity investments. KB had taught accounting at the Singapore Management University (SMU) as a faculty member and also pioneered the 15-week course on Accounting Fraud in Asia as an official module at SMU. KB remains grateful and honored to be invited by Singapore’s financial regulator Monetary Authority of Singapore (MAS) to present to their top management team about implementing a world’s first fact-based forward-looking fraud detection framework to bring about benefits for the capital markets in Singapore and for the public and investment community. KB also served the community in sharing his insights in writing articles about value investing and corporate governance in the media that include Business Times, Straits Times, Jakarta Post, Manual of Ideas, Investopedia, TedXWallStreet. He had also presented in top investment, banking and finance conferences in America, Italy, Sydney, Cape Town, HK, China. He has trained CEOs, entrepreneurs, CFOs, management executives in business strategy & business model innovation in Singapore, HK and China.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

<span>%d</span> bloggers like this: