Towards Scalable Computer Defenses

迈向可扩展的计算机防御

• 批准号: RGPIN-2014-03782
• 负责人: Somayaji, Anil
• 金额: $ 2.33万
• 依托单位: Carleton University
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2017
• 资助国家: 加拿大
• 起止时间: 2017-01-01 至 2018-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=634959
• 关键词: Towards; Scalable; Computer; Defenses

We seem to be losing the battle of computer security. Despite increasing investments in software security on all sides, attackers are still able to bypass defenses seemingly at will. The situation is so bad that large network administrators must assume that their networks have already been infiltrated no matter how much effort they put in to their defenses.We assert that the key reason for this seemingly hopeless situation is that attacks are scalable while computer defenses are not. Attackers can make fixed-cost investments in attack development (e.g., finding a zero-day exploit, deveolping an exploit deployment mechanism) that can allow them to compromise millions of hosts. Defenders, however, can expend an unbounded amount of resources deploying firewalls, installing anti-malware software, running intrusion prevention systems, and manually auditing their software and configuration, only to find that their systems have still been compromised - assuming they are fortunate enough to even notice.We propose to study the theory and practice behind making scalable defenses. The key insight for building scalable defenses is that attacker work should scale with the population size of the defenders: attackers should be required to expend effort proportional to the number of hosts that are to be compromised. The key questions addressed in this research are first, how can we define defense scalability in terms of software architecture and economics, and to what extent are current defenses scalable. If this research is successful it should provide a foundation for building and evaluating a new generation of scalable computer defenses.

我们似乎正在输掉计算机安全之战。尽管各方都在增加对软件安全的投资，但攻击者似乎仍然能够随意绕过防御。情况是如此糟糕，大型网络管理员必须假设他们的网络已经被渗透，无论他们付出多少努力，他们的defenses.We断言，这种看似无望的情况的关键原因是，攻击是可扩展的，而计算机防御不是。攻击者可以在攻击开发中进行固定成本投资（例如，找到零日漏洞，开发漏洞部署机制），这可以让他们危害数百万台主机。然而，防御者可以花费无限的资源来部署防火墙、安装反恶意软件、运行入侵防御系统以及手动审计他们的软件和配置，结果却发现他们的系统仍然受到了危害--假设他们有幸注意到的话。我们建议研究可扩展防御背后的理论和实践。构建可扩展防御的关键见解是，攻击者的工作应该随着防御者的人口规模而扩展：攻击者应该被要求花费与将要受到危害的主机数量成比例的努力。在这项研究中解决的关键问题是，首先，我们如何定义国防的软件架构和经济方面的可扩展性，以及在何种程度上是目前的防御可扩展性。如果这项研究成功，它将为构建和评估新一代可扩展的计算机防御提供基础。