News & Analysis
NSF funds computer virus immunization effort
R Colin Johnson
6/10/2010 4:11 PM EDT
By differentiating specific instances of application programs with unique executables, the researchers aim to remove the most common lever used by viruses and other malware, effectively immunizing them against spreading infections.
"Computer viruses exploit the fact that all instances of an application are identical," said FSU professor David Whalley. "The general idea is to prevent viruses from propagating by making each version of an application different."
Program differentiation is not a new idea, but traditional approaches are problematic, according to Whalley, who is collaborating on the project with fellow FSU professor Gary Tyson. Other attempts at program differentiation have resulted in performance penalties and behavior changes that produce maintenance nightmares, but the FSU professors believe they have the answer.
"We have proposed hardware and software enhancements supporting program differentiation that will not affect behavior, will minimize effects on performance, and will make it more difficult for malware to propagate," said Whalley.
The FSU approach provides a secure mobile computing environment that exploits mobile technologies that are already widely available to minimize the number of systems that can be infected by malware, rather than eliminate the possibility of infection altogether. The researchers maintain that if outbreaks can be confined to only a few systems, then conventional counter measures will become much more effective.
Since every approach to cyber security can be circumvented by determined hackers, the researchers are not revealing all the details of their approach, but merely stating that their technique modifies the application executables by permuting each instance into a unique version. The NSF sponsored research effort runs through 2012.
|
|
|
|
|
Mapou
6/10/2010 6:44 PM EDT
"Since every approach to cyber security can be circumvented by determined hackers, the researchers are not revealing all the details of their approach"
..
This is interesting. So how long is it going to take for the details of this approach to become known to determined hackers? And how much of the taxpayer's money is NSF handing over to FSU for this absurd research effort? Who is in charge of distributing these funds, anyway?
..
The security problem is really no different than the software reliability problem. Successful attacks always exploit flaws in a system's software. Get rid of the bugs and the problem will disappear. There is indeed a way to create bug-free software and to immunize a computer system against all malware but it has nothing to do with keeping your security technology a secret. The key can be summed up in one word, timing. Given the right synchronous/reactive software model, it is possible to detect unwanted intrusions because they invariably modify the system's temporal signature. These temporal anomalies can be detected on the fly with the right technology.
..
Google "How to Construct 100% Bug-Free Software" if you're interested in the future of reliability and security. The only caveat is that the computer industry will have to switch to a new software model, one which incorporates timing at the fundamental level.
..
PS. to NSF. Don't say you did not know because I just told you.
Sign in to Reply