Lecture 1
---------
Welcome to Evolutionary Security!
- lectures are recorded, but that is just for private use
- you'll have access, but they won't be public
* Grading, expectations
* What this course is about
* My history
- 1984: first computers (Atari 400, Apple //c, Apple IIgs)
- 1989: AI
- Medicine + computers?
- 1990-1994: MIT
- started as biology major, ended up a math major
- took premed classes + CS classes (CS theory)
- computational biology?
- artificial life
- part of "complex adaptive systems"
- University of New Mexico, Santa Fe Institute
- theoretical immunology
- computer immune system?
- real-time intrusion detection & response system based on lightweight anomaly detection (pH)
- joined Carleton in 2003
Why don't other security researchers like the things I like?
- my aesthetics for computer defenses seem VERY different, why?
Early work was focused on bio-inspired methods
- WAY too easy to do name magic with biological terms
Metaphors let you map domain A onto domain B
- but what you really want is some common theory T that applies to A and B
So this course is about that theory, trying to explain and elaborate it
- but I don't have a complete theory yet, I have more of an outline
I think Darwin messed up
- current evolutionary theory isn't wrong, but it misses the big picture
What's your job in this course?
- provide feedback on what I say (question, argue against even)
- develop your own ideas
* Darwinian evolution
* Artificial life
* Limitations of current computer security theory & practice
* game theory in the context of evolution
* symbiogenesis
* current security arms race
- evidence for evolutionary dynamics
* evolution in other domains
- economics, social organization
- practice of computer security
Limitations of current computer security practice
State of the art defenses
- anti-malware
- firewalls
- automated software patches
- automated vulnerability discovery
- multi-factor authentication
- access controls
- immutable systems
- virtualization/confinement
- biometrics
If you implement all of the above, using "best practices", money is no object...is your system secure?
Specifically, could an attacker develop an attack that a) bypasses all of these defenses and b) would not be detected later if the attacker is competent (unless someone smart noticed something)?
- YES
This is not true for biology!
- if things go wrong, your body notices and fights back
- it doesn't always succeed, but it basically always tries
HOW? WHY?
- and why can't computers do this?!
It isn't about mechanisms, it is about architecture
biological systems are robust under evolutionary pressure
- because they had to be
- computer systems aren't
- computer systems + people are
Charles Darwin
- wanted to explain the diversity of life
- how organisms are similar yet different
- maybe where they all came from
- he knew about "artificial selection", animal husbandry
- maybe selection also happens in nature, but "natural selection"
- "survival of the fittest"
- so you have
- a population of diverse individuals
- heritable characteristics (not dependent on life experience)
- some sort of selective pressure
- survival + reproductive pressure
- over time, this will result in a population of "improved fitness"
- conclusion: this is where species came from
We've created artificial simulations of the above, and they don't produce anything like the diversity of life
What's missing is cooperation