When new viruses are unleashed into cyberspace, software makers need to find the virus’ signature and quickly release updates to prevent the bug from inflecting damage. The time delay from when viruses are identified and when fixes are sent out can leave computer systems vulnerable to a cyberattack.
Researchers at the U.S. military’s Defense Advanced Research Projects Agency, or DARPA, have cybersecurity projects underway that may someday change the way we counter the threat of viruses and other types of malware.
One program called the Clean-slate Design of Resilient, Adaptive, Secure Hosts, or CRASH, program was created to not only develop technology that would protect computers from viruses but also enable them to recover and repair themselves.
The idea for CRASH came about during a workshop that brought together security experts and infectious disease biologists to brainstorm new approaches to dealing with cyberattacks. One notable idea that arose from the discussion was that perhaps computer systems can be manufactured in a manner that allows it defeat a viral infection the same way the human immune system fends off the flu or chicken pox.
To ward off diseases, the human body operates from the standpoint that viruses and bacteria will get past it’s defenses now and then. Also, biological viruses won’t affect everyone the same since there is a good degree of genetic diversity between any two people.
Computer hardware, however, are built pretty similarly. Malware programmers can look to inflict damage to a wide network of computers by successfully targeting just one PC. Kaigham Gabriel, DARPA’s deputy director, thinks that adding certain security enhancements would give computers a sort of genetic diversity, making them less vulnerable to infections.
In a interview, Gabriel told the American Forces Press Service:
“The idea is to look at the structure of computers, which are identical and have no security in the hardware … because performance was king 15 or 20 years ago,” he said. “Transistors and computer performance were precious and you didn’t give up any of it to security. Now, the world is different.”
Another program the agency has in the works is Programming Computation on Encrypted Data (or PROCEED — those military types love their acronyms). The goal of the program is to create technologies that would allow data to stay in a protected state of encryption even while programmers operate on it.
“Encryption is one way of protecting things, but if you want to operate on encrypted data — process it, do something with it — you have to decrypt it first. You operate on it while it’s in a decrypted state, then take your result, encrypt that again and send it on,” Gabriel told the AFPS.
Although both projects are currently for military purposes, technological developments within government agencies are noteworthy because often such achievements can lead to real-world applications for consumers. Let’s not forget that behind the closed doors of DARPA was where the internet was born in the first place.
Photo: Lockheed Martin
Related on SmartPlanet: