Title of invention COMPUTER SYSTEM PROTECTION BY COMMUNICATION DIVERSITY
Abstract <p>Attacks by viruses, worm programs, and other hostile software ('malware'), have become very serious problems for computer systems connected to the Internet. Such 'canned' (automated) attacks are arguably the big threat to the productive use of computer systems in the modern world. Human hackers cannot be massively replicated and distributed: viruses, worm programs, attack scripts, and denial-of-service attacks can be. An embodiment of the invention disclosed herein can provide protection against 'canned' attacks. Defenses against such hostile intruder software have been mounted in many ways (friend/foe identification, sand-boxes, firewalls, behavior profiles, rule-based access controls, etc.). Despite such defensive measures, good defenses remain labor-intensive, and outside the easy reach of home computers and other low-cost system installations. There are proposals for new diversity-based approaches[5, 10] which, rather than trying to keep up with changes in malware, diversify the attacked systems to make the creation of effective malware more difficult, whether by varying systems over time[5] or varying instances over systems in space[10]. Whether the diversity is temporal or spatial, the kinds of diversity which have been proposed are less than substantial. (Such superficial changes are effective against some malware, but more substantial changes would be effective against a broader spectrum of malware.) The current invention is diversity-based, but greatly expands previous proposals by organizing the method around a new central idea. Herein, we describe a modified approach to the generation of tamper-resistant software (TRS)[1, 2, 3, 4, 12, 19, 20], which we call a Babel defense, as a protection against malware attacks. This approach is based on the observation that rendering fraudulent communications effectively meaningless prevents the effects which the fraud was intended to achieve.
In a Babel defense, we modify the communications among components of the system, with corresponding changes to the code handling those communications.</p>
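Application publication number CA2363795(A1) Application publication date 2003.05.26
Application number CA20012363795 Filing date 2001.11.26
Applicant CLOAKWARE CORPORATION Inventors MAIN, ALEC;CHOW, STANLEY T.;GU, YUAN;ACHIM, MARCEL;JOHNSON, HAROLD
Classification number G06F1/00;G06F9/45;G06F12/14;(IPC1-7):G06F12/14 Main classification number G06F1/00
Agency Agent
Principal claim
Address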