BioSec 2012: Consolidated Notes
Below is a summary of what was discussed in the 2012 run of Biological Approaches to Computer Security, organized by topic.
(Cheryl: I think a topical organization is easiest and clearest, but if you have other ideas feel free to go with them. I just made up some topics off the top of my head, please use ones that make sense based on the notes you find. Look at all of the pages linked to from the top-level biosec page: the notes for the first weeks, the misc notes pages, and the individual student pages. Please condense or drop stuff that is too detailed (particularly notes on evolution).)
Evolution
The origin of species by Charles Darwin is one of the most well known and respected pieces of literature to this day, even through today, it is half a century old. It has changed the way we as humans see and perceive the world as we know it. Darwin's theory on evolution challenged all the past and present views of how species came about. This not only includes theories in science, but also religion - where many believe in natural theology. That is species are created by a creator and a species' adaptation to their environment is nothing but `intelligent design'. Although still very much a controversial piece of literature as it was in Darwin's time; the theory of evolution has stood the test of time in the scientific realm and still remains to be the most accepted scientific explanation for the origin of species of all living organisms.
Summary of The origin of species
The entire argument that Darwin formulated throughout this piece of literature is based on variation. It should be noted that variations in a particular species is present irrespective of whether or not that particular species is domesticated. Each species is distinguishable from the other due to the numerous different adaptations and traits it poses. The variations in a particular species are present in either one, or a combination of physical, chemical and biological traits. These traits are often inherited from one generation to the next (hereditary) and is rooted in the species adapting to change in their environment at some point in history. To support this hypothesis Darwin gives numerous examples of remarkable adaptions that permitted different species to survive and in some cases thrive in their environment. A couple of these examples include: the beak of the woodpecker that allows it to better collect it's prey - insects, and the wings of the bat that permits it to fly. Furthermore small variations seen within a particular species directly correlated to variations seen across different species. Thus, Darwin's entire theory of evolution attempts to explain with proof of observation that variation is the entire cause of the origin of species.
Key to Darwin's argument is the notion of natural selection which explains how variation can eventually lead to the evolution of the particular species. In order to understand this concept, one needs to first understand the concept of struggle for existence. In chapter three through to chapter seven of \textit{the origin of species}, Darwin explains the struggle for existence as the reason why some species' characteristics survive and others go extinct. In addition, he notes that the huge amount of variation in species has permitted for species to adapt very well to their environments. That is, due to the unique characteristics that certain organisms have developed they can thrive in their specific environment. In addition, Darwin notes that only the characteristics that prove to be most advantageous (variations that permit a species to adapt to their environment better than other species) is passed from one generation onto the next (hereditary). This is when the concept of natural selection comes to play. Natural selection allows for the species that have best adapted to the environment to survive and/or prosper. However, at the same time the species that do not possess variations that are advantageous struggle for their existence, but do not succeed, thus becoming extinct.
In other words, natural selection is basically the mechanism that drives what we refer to as evolution. Living organisms continue to pass genes from one organism to another. These genes are not all the same, some carry variations, some do not. The variations in the genes can prove to be either advantageous or disadvantageous to future generations. This is due to the fact that only advantageous genes are naturally selected and thus survive. Implying that living organisms with the advantageous genes continue to reproduce passing their genes from one generation to the next. Eventually, this variation causes this group of living organisms to be branch off from their original species and become a species of their own. The continual branching of species into new species suggests that all species can be traced back to one single parent species. Moreover, this theory provides a simple but profound explanation as to why many species are very similar to each other. The reason behind which is that the species either evolved from one another or they have a closely related common parent.
Another concept that go hand in hand with natural selection is the limits of population increase. Nature can provide enough food and shelter for all the species that is inhabitants and at the same time be very destructive (natural disasters, animals prey on other species, etc.). This in turn causes species to struggle for their lives, and essentially prohibits some organisms to survive. The concept of limits of population increase (borrowed from Thomas Malthus) basically states that each generation increases the population of the species exponentially, which in turn implies that the population of the entire world is increasing constantly. However, this poses the problem of the world running out of room for the species to occupy. That is if the birth rate increases exponentially while the death rate remains the same from one generation to the next. This is not the case in reality, thus there must exist a limit that nature imposes on the total number of inhabitants. This in turn gives rise to competition, where each species must compete with each other in order to ensure that they survive thus threatening the survival of the other species.
The rest of this piece of literature is devoted to Darwin defending his theory against possible criticisms from other known scientists of that time, and still some today. For example, the existence of fossil records proves not to link the chains of evolution from one parent species. Darwin's argument in this case is that, many of the fossil fuels found today, are not perfect, their original conditions have been destroyed. In addition Darwin argues that geographical isolation proves to be a fundamental component to his theory. That is because his theory suggests that all living organisms develop from one or a handful of `original' parent species, there was a need for species to travel and immigrate to different areas of the world. However, this was easier said than done, especially when barriers such as water (oceans), height (hills and mountains), etc. highly restricts the possibility of living organisms to immigrate to another region of the world. Thus, the few that were able to escape their birth place and immigrate to another region shaped the rest of the species in that particular geographical area.
Computer security perspective
A lot can be said about applying computer security to Darwin's approach. To begin with, a lot of questions needs to be answered. For example, although Darwin's approach of evolution seems to be a fool proof way of doing things, it is really slow. In order for biology to get to the stage where it is at, it took billions of years. How are we supposed to replicate this billions of years worth of work in a matter of few days or months or even years? In addition, following Darwin's approach, we need to be able to accept failure most of the time. That is, biology has gotten to where it is currently at by accepting failure, which is present when species become extinct because they did not adapt a advantageous variation. Lastly, in Darwin's theory, a species survival was highly dependent on that of the environment. Although this might have worked within the realm of biology, we do not have the luxury of exploiting this in the realm of computer security. That is, computer security needs to work accurately irrespective of the environment it is in.\\
Biological Diversity
Software Diversity
Malicious code/organisms
Homeostasis/feedback
Cell Communication
Hormone: messenger molecule/small chemical messages
- creates localized state change
- kind of an interface to the cell
- hormones mediate reactions
- used for regulating homeostasis
- work with the nervous system to communicate throughout the body
- hormones aren't surface bound, they go into the cell
- they are global signals, and can have systemic effects
- there are different hormone receptors and mechanisms
- they induce change on the inside of cells instead of triggering reactions from the outside
- seem to be an early evolutionary construct
- sort of a blunt stick form of communication
- govern emotions, fight or flight-type reactions, growth
- they have systemic and far-reaching effects
- hormones are sort of like datagrams
- only about 50 hormones exist
- they don't convey much information, or much interpretation
- however, concentrations don't need to be high for them to have effects
- one-to-many communication
Crosstalk:
- different hormones interfere with each other
- a given receptor can be activated by different molecules
- a molecule can activate different receptors
- the network begins as a fully connected graph, and then connections are pruned away
- crosstalk is why drugs have complicated and unpredictable side effects
We could consider the "drug discovery problem" to be equivalent to the "computer security problem".
- Engineering challenge
- every input is connected to every output
- through trial and error, select for the pathways that work
- moral of the story: there needs to be more coupling than we think in computer
- we need to allow for feedback loops, running parallel to the main operations
- Metabolic diseases are really receptor diseases
- the question is "what receptor does it target?"
- this is why viruses only affect certain tissues: the tissues where the receptors are located are affected
- some diseases (such as avian flu) can be caught by humans from animals, but not spread between humans
In this chapter the differences between cellular communication and the communication that takes place in computer programs was discussed. In cellular communication, the process seems to be top down: all links are established, then some are pared away. In computer programs, the process is bottom up: links are established on an as-needed basis. My first thought is that having more links could be a security problem - if you want information to stay where it's put, not having many links seems to make sense. However, having a system with more links could allow for more feedback and could potentially better support an evolutionary system.