Review 17

From: Charles Reis (creis@cs.washington.edu)
Date: Wed Dec 01 2004 - 00:10:59 PST

  • Next message: Erika Rice: "Review 12-1"

    How to 0wn the Internet in Your Spare Time
    Staniford, Paxson, Weaver, 2002.

    The authors make clear just how severe a threat active worms are for the Internet, along with the enormous commercial industry and personal dependence that has grown up with it. They begin by analyzing the propagation of several previous worms, and then provide a series of design possibilities that make it possible for a worm to infect almost all vulnerable hosts in a matter of seconds. Even worse, a more stealthy contagion approach is suggested (especially relevant for P2P networks), allowing worms to evade detection to create a pandemic. Together, the possible designs form an intimidating picture for cyber-warfare.

    The fact that an academic paper outlines new techniques for worm authors is somewhat disturbing at first, especially in the absence of effective defenses for such attacks. However, it is a clear wake-up call to the systems and networks communities to consider these issues in the designs of new systems and possible defense mechanisms. The proposed CDC is one possibility, intriguing in its continuation of the biological metaphor, but perhaps controversial in many of its proposed duties.

    There is a clear tradeoff between designing flexible, general-purpose systems and explicitly preventing certain types of programs from running. Ideas such as stronger type safety or limiting connections (perhaps using a capabilities approach) seem promising, but are not always easy or appropriate. Unfortunately, Turing completeness is not on our side in terms of identifying threats, and there are many good reasons not to be overly conservative if possible. (For example, only executing signed code is one extreme which could significantly change the current "tinkerer" model of software development.) Finding the right balance will clearly be a difficult and important challenge, involving a great deal of coordination, analysis, and novel mechanisms.

