Taking cues from Mother Nature to foil cyber attacks

November 25, 2003

ARLINGTON, Va. -- Taking their cues from Mother Nature and biodiversity, computer scientists at Carnegie Mellon University and the University of New Mexico are collaborating on a National Science Foundation (NSF)-supported project to study "cyber-diversity" for computer systems as a way to fend off malicious viruses, worms and other cyber attacks.

In nature, diseases are most devastating when an infection-causing organism encounters a "monoculture," a vast swath of genetically similar individuals, each susceptible to the organism's method of attack. In the same vein, computer viruses and worms exploit the same flaw on every computer running the same software.

"We are looking at computers the way a physician would look at genetically related patients, each susceptible to the same disorder,'' said Mike Reiter, a professor of electrical and computer engineering and computer science at Carnegie Mellon and associate director of CyLab, a Carnegie Mellon initiative focused on advancing cybersecurity technology and education. "In a more diverse population, one member may fall victim to a pathogen or disorder, while another might not have the same vulnerability."

"Our project seeks to reduce computer vulnerability by automatically changing certain aspects of a computer's software," said Dawn Song, an assistant professor of electrical and computer engineering and computer science at Carnegie Mellon. "Adapting this idea in biology to computers may not make an individual computer more resilient to attack, but it aims to make the whole population of computers more resilient in aggregate."

The existence of the same flaw on many computers is routinely exploited by attackers via Internet worms such as Code Red, which infected over 350,000 systems in just 13 hours using a single vulnerability.

Earlier approaches toward diversity in software attempted to develop different versions of the same software by independent teams, the idea being that the versions would naturally evolve different sets of vulnerabilities. However, such a manual approach is economically expensive and takes a long time, the researchers said.

"We are investigating various new methods for automating the diversity process at different system levels," said Stephanie Forrest, professor of computer science at New Mexico. "Our automated approach has the potential to be more economical and could introduce more diversity into computer systems." Attackers would then have less information about individual computers and would have to approach each computer differently.

"This work, bridging technical disciplines and taking the economics of security solutions into account, represents the kind of innovative thinking that NSF's Cyber Trust program hopes to stimulate in the research community," said Carl Landwehr, NSF program director. The Carnegie Mellon and New Mexico collaboration is supported by a $750,000 award from NSF, the independent federal agency that supports fundamental research and education across all fields of science and engineering.

NSF PR03-130
-end-
NSF Science Expert: Carl Landwehr, 703-292-8936, clandweh@nsf.gov.
Principal Investigators: Dawn Song, CMU, 412-268-4268, dawnsong@cmu.edu.
Mike Reiter, CMU, 412-268-1318, reiter@cmu.edu
Stephanie Forrest, UNM, 505-277-7104, forrest@cs.unm.edu

The National Science Foundation is an independent federal agency that supports fundamental research and education across all fields of science and engineering, with an annual budget of nearly $5.3 billion. National Science Foundation funds reach all 50 states through grants to nearly 2,000 universities and institutions. Each year, NSF receives about 30,000 competitive requests for funding, and makes about 10,000 new funding awards. The National Science Foundation also awards over $200 million in professional and service contracts yearly.

Receive official National Science Foundation news electronically through the e-mail delivery system, NSFnews. To subscribe, send an e-mail message to join-nsfnews@lists.nsf.gov. In the body of the message, type "subscribe nsfnews" and then type your name. (Ex.: "subscribe nsfnews John Smith")

Useful National Science Foundation Web Sites NSF Home Page: http://www.nsf.gov/
News Highlights: http://www.nsf.gov/od/lpa
Newsroom: http://www.nsf.gov/od/lpa/news/media/start.htm
Science Statistics: http://www.nsf.gov/sbe/srs/stats.htm
Awards Searches: http://www.fastlane.nsf.gov/a6/A6Start.htm

National Science Foundation

Related Diversity Articles from Brightsurf:

More plant diversity, less pesticides
Increasing plant diversity enhances the natural control of insect herbivory in grasslands.

Insect diversity boosted by combination of crop diversity and semi-natural habitats
To enhance the number of beneficial insect species in agricultural land, preserving semi-natural habitats and promoting crop diversity are both needed, according to new research published in the British Ecological Society's Journal of Applied of Ecology.

Ethnolinguistic diversity slows down urban growth
Where various ethnic groups live together, cities grow at a slower rate.

Protecting scientific diversity
The COVID-19 pandemic means that scientists face great challenges because they have to reorient, interrupt or even cancel research and teaching.

Cultural diversity in chimpanzees
Termite fishing by chimpanzees was thought to occur in only two forms with one or multiple tools, from either above-ground or underground termite nests.

Bursts of diversity in the gut microbiota
The diversity of bacteria in the human gut is an important biomarker of health, influences multiple diseases, such as obesity and inflammatory bowel diseases and affects various treatments.

Underestimated chemical diversity
An international team of researchers has conducted a global review of all registered industrial chemicals: some 350,000 different substances are produced and traded around the world -- well in excess of the 100,000 reached in previous estimates.

New world map of fish genetic diversity
An international research team from ETH Zurich and French universities has studied genetic diversity among fish around the world for the first time.

Biological diversity as a factor of production
Can the biodiversity of ecosystems be considered a factor of production?

Fungal diversity and its relationship to the future of forests
Stanford researchers predict that climate change will reduce the diversity of symbiotic fungi that help trees grow.

Read More: Diversity News and Diversity Current Events
Brightsurf.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.