Towards Provably Secure Malware Defenses
Abstract
Protecting systems from malware injection is the holy grail of modern computer science. Despite intensive efforts by the scientific and engineering community, the number of successful attacks continues to increase. This situation poses a clear threat to science and to society as a whole. The lack of mechanisms and metrics to evaluate the security of suggested defenses is arguably a major obstacle to the scientific progress that could lead us to a generation of more robust and/or resilient systems. Indeed, most, if not all, existing practical approaches are heuristic, and there is no formal proof that they are either efficient or effective, nor is there a way to evaluate and/or compare them; rather, their performance and accuracy are typically validated experimentally. The coPIs recently proposed the ultimate method for security assurance of malware detection mechanisms. Concretely, we proposed a paradigm shift in malware defense from the traditional "proof by experiment" methodology to the design of provably secure (in a strict mathematical sense) and composable defenses. This takes the first steps towards the development of a rigorous mathematical theory of secure malware defenses, including a model of computation and an adversary model. The first milestones demonstrating the feasibility of our proposed paradigm shift can be found in our inaugural paper [1] and are outlined in the project description. When successful, our breakthrough technology will apply universally, from computers and smartphones to controllers of critical infrastructure, e.g., nuclear reactors and medical devices. Moreover, our research will open a channel for the flow of ideas between disciplines that rarely interact, such as theoretical computer science and systems engineering, to attack the malware problem. Importantly, in [1] we have provided a high-level specification of a secure malware detection mechanism.
The key idea of our method is to use the very insertion of the malware itself to allow the system to detect it. This is close in spirit to the famous Heisenberg Uncertainty Principle. The attackers, no matter how clever, no matter when or how they insert their malware, change the state of the system they are attacking. This fundamental idea is a game changer. The resulting system does not rely on heuristics; its security can be based on mathematics and not on "proof by experiment". Thus the security claims do not need emulations that could potentially be faulty to back them up. The proposed research aims to advance the above idea towards development of a first working system. We request nine months of support via the ARL's short-term innovative research (STIR) program to establish a proof-of-concept implementation and first benchmarks to (1) demonstrate that our approach is not only provably secure (this is established by our security proofs) but also practically efficient, and (2) provide pointers on how to extend our security model and schemes to capture as wide an attack surface as possible. The potential impact of our discovery on the computer industry could be comparable to how Jonas Salk's polio vaccine revolutionized medicine. Just as universal immunization with the vaccine eradicated polio, universal implementation of the proposed technology could eradicate an entire class of malware. Combined with its composability, our idea makes the first step toward a modular approach to eradicating malware, where defenses against subclasses are combined to yield an ultimately secure system. Given the simplicity and rigorous mathematical proofs of the approach, the success of our research will make it a matter of time until these defenses are broadly deployed in modern systems.
Given the current state of increasingly frequent and devastating attacks on computer systems, such a breakthrough idea can without a doubt have a great impact on both the scientific community and the general public.
Document Details
- Document Type: DoD Grant Award
- Publication Date: Oct 16, 2018
- Source ID: W911NF1710253
Entities
People
- Rafail Ostrovsky
Organizations
- Army Contracting Command
- United States Army
- University of California, Los Angeles