SystemsSec 2018W Lecture 14

From Soma-notes
Jump to: navigation, search


Lecture 14 audio.

Notes Student 1

► Many strategies are wrong: If there is one single bug in any major system we use, everything falls apart

► We can do better, but the way we do things now is not sustainable

→ Existence proof: Biology

1. Everything starts with a random process
2. How do biology systems protect itself again adversaries?


  • Animals face threats (ie. Falls of cliff, gets eaten)
  • Threats from really small things (huge factor in mortality, ie. humans lifespan doubled because of disease control):
→ They see the animal as a resource, so why not use it?
→ Most important defence: Barrier defence
- Skin
→ But we can't keep everything out: Basic chemistry
- Stomach acid to react with what came into your body
- Digestive enzymes (enzyme: biological catalyst) breaks down proteins
  • Analogies:
DNA = "Stored code"
→ Backbone = "Framework"
Proteins = "Running code"
T-cells = Has randomized detectors to find bad things. If binded to a regular cell, gets killed
→ Auto-immune disease
- T-cell recognizes some behaviour and reacts with it
- To prevent mistakes (ie. autoimmune disease)
○ Only battles when there is evidence cells are dying


  • Chunk of DNA/RNA (in between DNA/RNA and proteins) surrounded by proteins
  • When comes in contact with cell, injects DNA into cell
- Overflow cell (cell running malicious code) until it explode, and continue to other cells
-Cells have vulnerabilities
□ Viruses targets fact that cells have semi-permeable membranes
- Defence
□ Cells have different membranes


  • Regular proteins will output certain peptide, immune system checks if its the right one
- Virus imitates the protein
  • Red, hot: Immune system discovered dead cells and investigates
  • Incompatible MHC: Organ rejects new organ


  • When your good bacteria turns bad, fecal transplant

The body is not an engineering system: Separation of concern is not there, they are all just cells.

Notes Student 2

Assignment now due March 5th Midterm postponed to March 7th

Using biology as an existence proof:

  • The code inside you was generated by random code

In computer security, we are engaged in evolution

  • The system's survival depends on evolution
  • As adversary adapts, leads to new defenses


Each animal has risks to survival: getting attacked, missing food

  • There are also risks from really small things (which is a huge factor in mortality):
    • Think about why the human lifespan has doubled? Because we are getting infectious diseases under control
  • The small thing sees the animal as home (animal = set of resources)
    • It's not necessarily malicious, it's a mobile place to live and eat

Animals need to have defences

  • Barrier: skin → this is a physical layer
  • Acid (stomach) → this is chemical, it'll just react with whatever comes into the body
  • Digestive enzymes
    • Enzyme = biological catalyst, something that changes the rate of a reaction
    • Digestive enzymes = breaks down protein

You are made up of the following, and this is how it relates to computer science:

  • DNA = stored code
    • Control code, and the patterns for the protein
    • Chain of 4-letters
  • RNA
    • Carbohydrates
    • Protein = running code
  • Made up of chains of 20 amino acids

Peptide = 6-10 amino acid chain


What is a biological virus?

  • A chunk of DNA or RNA surrounded by a coat of protein
  • Gets into a cell and forms a virus
  • The cell membrane should block this, but it has vulnerabilities
  • One of the fundamental ways we are protected against this: cells are all a little different in what they allow and don't allow in (so not everyone would die from the same virus)

Immune system

  • Made up of cells like the rest of your body
  • When the virus has infected a cell, it runs malicious code inside the cell
  • Problem: immune system needs a way of knowing what's going on inside a cell, but they can't puncture the cell
  • Solution: the immune system looks at the cell's behaviour, puts the peptides on the outside of the cell
  • Think in evolutionary terms, how would the virus try and get around this: make its proteins out of the same peptides as the one's you're trying to infect

Major Histocompatibility Complex (MHC)

  • Found on the surfaces of cells, so immune system can recognize foreign substances
  • In computer science terms: deals with the problem of recognizing malicious code
  • This matters for things like organ transplant
  • If you're getting a transplant from someone with incompatible MHC, you're immune system with attack the organ

How does this fit in with what we're talking about this term?

  • Central problem of today's attacks: if I can find the vulnerability in one host, I can infect millions of others that are running the same thing


  • Not self-reactive
  • Finds the bad small things
  • Once the t-cells are release to circulate in the bloodstream, they are going to see patterns they haven't seen in testing
  • How do you make sure these patterns do not cause an auto-immune disease?