BioSec 2012: Consolidated Notes

From Soma-notes

Below is a summary of what was discussed in the 2012 run of Biological Approaches to Computer Security, organized by topic.

(Cheryl: I think a topical organization is easiest and clearest, but if you have other ideas feel free to go with them. I just made up some topics off the top of my head; please use ones that make sense based on the notes you find. Look at all of the pages linked to from the top-level biosec page: the notes for the first weeks, the misc notes pages, and the individual student pages. Please condense or drop stuff that is too detailed (particularly notes on evolution).)

Evolution

Biological Diversity

Software Diversity

Malicious code/organisms

Homeostasis/feedback

Cell Communication

Hormone: messenger molecule/small chemical messages

  • creates localized state change
  • kind of an interface to the cell
  • hormones mediate reactions
  • used for regulating homeostasis
  • work with the nervous system to communicate throughout the body
  • hormones aren't surface bound, they go into the cell
  • they are global signals, and can have systemic effects
  • there are different hormone receptors and mechanisms
    • they induce change on the inside of cells instead of triggering reactions from the outside
  • seem to be an early evolutionary construct
    • sort of a blunt stick form of communication
    • govern emotions, fight or flight-type reactions, growth
    • they have systemic and far-reaching effects
  • hormones are sort of like datagrams
  • only about 50 hormones exist
    • they don't convey much information, or much interpretation
    • however, concentrations don't need to be high for them to have effects
  • one-to-many communication

Crosstalk:

  • different hormones interfere with each other
  • a given receptor can be activated by different molecules
  • a molecule can activate different receptors
  • the network begins as a fully connected graph, and then connections are pruned away
  • crosstalk is why drugs have complicated and unpredictable side effects

We could consider the "drug discovery problem" to be equivalent to the "computer security problem".

  • Engineering challenge
    • every input is connected to every output
    • through trial and error, select for the pathways that work
  • moral of the story: there needs to be more coupling than we think in computer
    • we need to allow for feedback loops, running parallel to the main operations
  • Metabolic diseases are really receptor diseases
    • the question is "what receptor does it target?"
    • this is why viruses only affect certain tissues: the tissues where the receptors are located are affected
  • some diseases (such as avian flu) can be caught by humans from animals, but not spread between humans

In this chapter the differences between cellular communication and the communication that takes place in computer programs were discussed. In cellular communication, the process seems to be top down: all links are established, then some are pared away. In computer programs, the process is bottom up: links are established on an as-needed basis. My first thought is that having more links could be a security problem: if you want information to stay where it's put, not having many links seems to make sense. However, having a system with more links could allow for more feedback and could potentially better support an evolutionary system.