Towards Dialects Computing in Network and System Protocols
Abstract
Today's computing systems and the communications among them are defined by protocols and interfaces. Since these common protocols, both in networking and in systems, are ubiquitous, the adversary can almost always assume that the standard protocols will be followed, and can proceed to discover a vulnerability associated with a specific protocol implementation and write attack code that will work on any target system that uses that protocol. Attacks on network protocols or their implementations have been serious threats, and recent exploits of protocol implementations, such as Heartbleed, will not be the last. Thus, security-critical systems that heavily use open protocol standards or fixed access methods for systems are always at risk of zero-day system vulnerabilities or protocol attacks. To minimize such risks, we propose to use a protocol dialect. A protocol dialect is a revised version of a given existing protocol, or a variable method for system access, such that only parties who share a pre-established secret can communicate and interact with each other by properly initiating and processing the protocol. The goal of deploying a protocol dialect is to reject a communication or system access attempt made by unauthorized entities who cannot comply with the protocol dialect steps.
We propose the use of network- and system-level dialects that can isolate the protected system and its users from common computing systems and networks. An external user who approaches with malicious intent will not be able to speak the variant of the language (the dialect) that the natives (the protected system and its authorized users) speak. As a consequence, automated general attacks (such as those initiated from bots) that do not specifically target the protected system are automatically thwarted. Moreover, even for attacks targeted at the protected system, our dialects impose an immense burden on the adversary, who must first understand the dialects in order to instigate and devise an attack that is compatible with the target system's dialect.
We propose to conduct comprehensive research on the generation, implementation, and application of protocol dialects. The goal of the proposed research is to explore new methods for automatic dialect generation for standard protocols and for dialect protocol enforcement between the protected system and its authorized users. Thus, the successful outcomes of the protocol dialects research will be able to protect systems and protocols by taking away, as early as possible, the adversary's chance of initiating or injecting payloads that may invoke zero-day vulnerabilities in the system or in its emplaced protocols under protection.
Document Details
- Document Type: DoD Grant Award
- Publication Date: Jul 27, 2018
- Source ID: N000141812661
Entities
People
- Brent Byunghoon Kang
Organizations
- KAIST
- Office of Naval Research
- United States Navy