SCRUB ISTC: Secure Computing Research for Users’ Benefit (TRUST Autumn 2011 Conference)
Anthony D. Joseph
UC Berkeley

Insecurity is a tax on computing
Our lives, and our data, and our money, are increasingly flowing through our computers, our phones, …
However, technology isn’t always secure.
65% of Internet users have personally experienced cybercrime
Companies are concerned: 91% expressed concern over exploits like those that hit Google
760 companies compromised through SecurID info theft
Security concerns slow adoption of technology

Malware-tolerant computing
Malware is a fact of life
We cannot banish it. We must live with it
We need technology for establishing security amidst a sea of malware
Don’t want security problems to slow adoption of technology

Security touches many fields
[Diagram labels: Security; Systems; Architecture; Networking; Usability; Algorithms; Machine learning]

New initiative: Security ISTC
SCRUB is a new Berkeley center focusing on security for users’ benefit
Improve security for future technologies, at every layer of the stack
One of four Intel Science and Technology Centers
Model: industry funding (Intel) + collaboration
4 Intel researchers in residence on 7th floor Soda
$2.5M/year in funding: 3 years + 2 year renewal option
UCB PI: David Wagner. Intel PI: John Manferdelli. Associate Director: Anthony D. Joseph
Headquartered at Berkeley ($1.8M/yr) + CMU, Drexel, Duke, UIUC ($0.7M/yr)

SCRUB Research Agenda
Establish secure computing environment via thin intermediation layer.
Make 3rd party apps safe.
Enable one phone for both work and personal use
Help administrators manage, monitor, and protect their networks, information, & services.
Integrate security into network and system architecture
[Diagram labels: SCRUB; Thin intermediation layer; Mobile security; Data-centric security; Security analytics; Security-centric networking]

Secure mobile phones
How do we make 3rd party apps safe?
How do we enable a rich, thriving marketplace?

Example research challenges
Robust, secure app stores
  Can we provide libraries/tools to developers to make it easier to get security right than to get it wrong?
Understanding app behavior
  Can we automate parts of the app review process?
Secure phone platforms
  Can we improve the permission system? Ideally, it would be usable yet still give users enough control
The multi-use, multi-context device
  Can we make the phone safe for personal use, without endangering corporate data or functionality?
  Can we avoid carrying two phones, one for work and one for yourself, without losing security or privacy?

Longer term, are app-centric mobile platforms a more effective model for securing the desktop?
[Diagram labels: Mobile; Desktop?]

Securing the desktop: Thin intermediation layer
[Diagram labels: Hardware; Intermediation layer; OS; Web browser; Banking app; Email; Thin client]

Data-centric security
Data increasingly resides not only on end-user devices, but also on servers, cloud, …
Can we provide consistent protection for user data as it flows through a complex distributed system, no matter where it is stored?

Data-centric security
Proposal: Data-centric security.
Attach security policies to data, and ensure they stay bound together
Example: Data capsules, unsealable only within a secure execution environment
  e.g., secured with a TPM, information flow tracking, …
Goal: A platform for secure computation, with privacy for user data

Network security
How can the network architecture facilitate security?
What primitives should it provide to applications?

Network security
Monitoring network traffic… … at scale … with a view into application-level semantics
Potential: Enable more sophisticated, semantic-aware analysis of network traffic, to detect and block attacks

Security analytics
Goal: robust security metrics and analytics
Developing tools combining machine learning and program analysis to automatically extract features and build models
Improving users’ experiences by translating the reasoning behind security decisions into human understandable concepts
Designing robust algorithms and finding lower-bounds for techniques defending against adversarial manipulation

Security analytics
Adversarial Machine Learning
In real life, adversaries are Byzantine
In real life, adversaries are patient
They adapt behavior
Example goals:
  Avoid detection of attacks
  Cause benign input to be classified as attacks
  Launch a focused attack
  Search a classifier to find blind-spots

Security Analytics and Metrics
[Diagram labels: Decision Model; Biometrics Collectors; Adversarial Machine Learning; Text Analysis; Log Analysis; Decision Analysis; Code Analysis; Metrics, Alerts]

SCRUB Goals
We want to focus on security for all areas where users come in contact with technology
Enabling secure computing on malware-infected computers
Identifying primitives that hardware, networks, OSs, … should provide, to best support security
Developing a better security paradigm for desktop computers of the future
Designing adversarial resistant algorithms for measuring a system’s security
Helping users feel comfortable and safe with computing and e-commerce

SCRUB
Dawn Song, David Wagner, Scott Shenker, Doug Tygar, Vern Paxson, Anthony Joseph, David Culler, Sylvia Ratnasamy, Landon Cox, Rachel Greenstadt, Sam King, Adrian Perrig, Ling Huang, Vyas Sekar, Petros Maniatis, John Manferdelli
Thrust areas
Secure mobile devices
Data-centric security
Secure thin intermediation layer
Security analytics
Security-centric network architectures