Principles of a Computer Immune System - PowerPoint PPT Presentation


Transcript and Presenter's Notes


1
Principles of a Computer Immune System
  • Anil Somayaji, Steven Hofmeyr, Stephanie
    Forrest
  • Presented by Jesus Morales

2
Introduction
  • Written in 1997
  • Introduces biological approaches to computer
    security
  • The problem
  • Computer systems are plagued by security
    vulnerabilities
  • We've seen many buffer overflows, viruses,
    denial of service attacks and so on
  • Need a new approach to computer security

3
Traditional approach
  • Good in theory, not in practice
  • Computer systems are dynamic: system state is
    continuously changing
  • Formal verification of a dynamic system is
    impractical
  • Security policy flaws + implementation
    flaws + configuration flaws = imperfect security

4
Biological approach
  • Dealing with an imperfect, uncontrolled and open
    environment.
  • Similar to the environment the human body has to
    deal with
  • Look at the human immune system as a model

5
The immune system (IMS)
  • Protects the body
  • Vastly more complicated than any computer system
  • Constantly under attack
  • Parasites, bacteria, viruses
  • Highly effective
  • We're healthy most of the time
  • Works autonomously
  • If IMS were at the same technical state as
    computer security systems, we'd be extinct

6
IMS pattern recognition: self vs. nonself
  • IMS must distinguish molecules and cells of the
    body (self) from extraneous ones (nonself)
  • Huge problem
  • 10^5 different types of self
  • 10^16 different types of nonself (estimate)
  • Human genome contains about 10^5 genes

7
IMS multilayered architecture
  • 1st layer: skin and physiological conditions (pH,
    temperature)
  • 2nd layer: innate IMS (scavenger cells clean
    pathogens and debris)
  • 3rd layer: adaptive IMS (acquired immune response)

8
IMS adaptive immune system
  • Primarily white blood cells (lymphocytes)
  • Circulate in the blood and lymph systems
  • Negative detectors
  • Detection by molecular bonds
  • Detection is approximate

9
IMS adaptive immune system (cont.)
  • Problem: how to avoid autoimmune disorders?
  • Lymphocytes are self-tolerant
  • Clonal deletion process
  • Problem: how to recognize the potentially huge
    number of pathogens?
  • Genetic process generates lymphocytes randomly
  • 10^8 lymphocyte receptors vs. 10^16 potential
    foreign patterns
  • Constant lymphocyte turnover (short-lived: a few
    days)
  • Learning and memory

10
IMS adaptive immune system (cont.)
  • IMS response to viruses
  • Result: immune memory

11
IMS diversity
  • Immune system is diverse across a population
  • Each individual has a unique immune system
  • Different lymphocyte population: different
    detector set
  • Different Major-Histocompatibility Complex (MHC)
    (genetically determined)

12
Organizing Principles
  • Can't really implement the same IMS in a computer
    system
  • We can derive a set of guiding principles
  • Distributability: Immune system detectors are
    able to determine locally the presence of an
    infection. No central coordination takes place,
    which means there is no single point of failure.
  • Multi-layered: Multiple layers of different
    mechanisms are combined to provide high overall
    security.

13
Organizing Principles (cont.)
  • Diversity: By making systems diverse, security
    vulnerabilities in one system are less likely to
    be widespread.
  • Diverse protection systems, or
  • Diverse protected systems
  • Disposability: No single component in the system
    is essential.
  • Adaptability
  • Learn to detect new intrusions
  • Ability to recognize signatures of previously
    seen attacks
  • No secure layer
  • Any cell can be attacked by a pathogen, including
    those of the immune system itself.
  • Mutual protection among immune system components
    replaces dependence on a secure underlying layer.

14
Organizing Principles (cont.)
  • Dynamically changing coverage
  • Space/time tradeoff
  • Can't maintain a set of detectors large enough
  • Use randomness and replacement
  • Identity via behavior
  • IMS uses proteins (peptides) as behavior
    indicators: the "running code" of the body
  • Computer analog: short sequences of system calls
  • Anomaly detection
  • The ability to detect intrusions or violations
    that are not already known is an important
    feature of any security system.

15
Organizing Principles (cont.)
  • Imperfect detection
  • Accepting imperfect detection increases the
    flexibility to allocate resources.
  • Example: less specific detectors respond to a
    wider variety of patterns but are less efficient
    at detecting a specific pathogen.
  • The numbers game
  • The immune system replicates detectors to
    counteract replicating
  • Computers subject to similar numbers game
  • hackers freely trading exploit scripts on the
    Internet
  • denial-of-service attacks
  • computer viruses.
  • Pathogens in the computer security world are
    playing the numbers game; traditional defense
    systems, however, are not.

16
Possible Architectures
  • Protecting static data
  • Self: uncorrupted data
  • Nonself: any change in self
  • Change detection algorithms
  • Protecting active processes on a single host
  • Self: normal behavior
  • Nonself: abnormal behavior
  • View each active process as a cell
  • Passwords, group/file permissions as skin
  • Adaptive immune layer: rotating lymphocyte
    processes query other processes, looking for
    behavior anomalies
  • If an anomaly is detected: slow, suspend, or kill
    the process
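
Added example (not from the slides or the original paper): the "short sequences of system calls" analog from slide 14, applied to slide 16's single-host case. Self is the set of length-k call windows seen in normal runs; the traces, k = 3 and the response thresholds are constructed assumptions.

```python
# Added illustration; traces, K and thresholds are constructed assumptions.
K = 3  # window length (assumed)

# Constructed "normal" traces of one process (training data = self).
NORMAL = [
    ["open", "read", "mmap", "read", "close"],
    ["open", "read", "read", "close"],
]
# Constructed traces to classify.
DRIFT = ["open", "read", "read", "read", "close"]
HIJACKED = ["open", "read", "mmap", "execve", "socket", "write", "close"]


def windows(trace, k):
    """Every length-k sliding window over a trace of system-call names."""
    return [tuple(trace[i:i + k]) for i in range(len(trace) - k + 1)]


def build_self(normal_traces, k):
    """Self = every k-call sequence observed during normal behavior."""
    db = set()
    for trace in normal_traces:
        db.update(windows(trace, k))
    return db


def score(trace, self_db, k):
    """Return (mismatch rate, nonself windows); a trace shorter than k scores 0."""
    seen = windows(trace, k)
    nonself = [w for w in seen if w not in self_db]
    rate = len(nonself) / len(seen) if seen else 0.0
    return rate, nonself


def respond(rate, slow_at=0.1, suspend_at=0.3, kill_at=0.6):
    """Graduated response from slide 16; the cut-offs are assumed values."""
    if rate >= kill_at:
        return "kill"
    if rate >= suspend_at:
        return "suspend"
    if rate >= slow_at:
        return "slow"
    return "allow"


if __name__ == "__main__":
    self_db = build_self(NORMAL, K)
    for name, trace in [("normal", NORMAL[0]), ("drift", DRIFT), ("hijacked", HIJACKED)]:
        rate, nonself = score(trace, self_db, K)
        print(f"{name}: {rate:.2f} -> {respond(rate)} {nonself}")
```

The DRIFT trace shows the imperfect-detection trade-off from slide 15: a harmless variation of normal behavior still produces one nonself window, so the self database and thresholds decide how many such false alarms are tolerated.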

17
Possible Architectures (cont.)
  • Protecting a network of mutually trusting
    computers
  • Process is a cell. Computer is an organ.
    Individual is a network
  • Innate immune system
  • Host-based and network security mechanisms
  • Adaptive immune system
  • Lymphocyte processes (kernel-assisted)
  • Can migrate between computers and take
    appropriate action
  • One computer (or set) produces/selects/releases
    lymphocytes
  • No centralized response

18
Possible Architectures (cont.)
  • Protecting a network of mutually trusting
    disposable computers
  • Each computer is a cell. Network is the individual
  • Host-based security is the skin
  • Innate immune system
  • Network defenses (Kerberos, firewalls)
  • Adaptive immune system
  • Lymphocyte machines monitor each other's state
  • If an anomaly is detected: isolate the affected
    machine, reboot or shut down

19
Limitations
  • Different goals
  • Biological IMS goal: survival
  • Computer security: confidentiality, integrity,
    availability, accountability and correctness
  • Most obvious is confidentiality. Biological IMS
    does not care about protecting secrets

20
Conclusion
  • Skin and innate IMS (passwords, access controls,
    careful design) are important
  • Adaptive IMS is still mostly lacking in computer
    systems. We need it to make systems more secure