Schneier on Security

Clive Robinson • March 15, 2018 12:00 PM

@ Bruce,

Both attack and defense will benefit from AI technologies, but I believe that AI has the capability to tip the scales more toward defense.

Yes it has the capability, and they might if resources are made available get there. But it’s humans that make resourcing issue decisions and their priorities are rarely those of security (see later). Thus there is quite a high probability AI in security is not going to happen unless it is by a very low cost “domain transfer” from a domain that gets the resources. That is it will probably be as a “spin off”.

To see why we need to look a little deeper. As you note,

Humans, conversely, excel at thinking and reasoning. They can look at the data and distinguish a real attack from a false alarm, understand the attack as it’s happening, and respond to it.

Whilst the first part is true it becomes less so with “Humans, understand the attack as it’s happening, and respond to it”. It is in reality not happening for a number of reasons.

Firstly as you point out about computers,

They can launch attacks in milliseconds and infect millions of computers.

A human can not react in less than around a second to a direct physical attack. Even soldiers in a battle zone with a very high level of training and alertness can not do this. Thus a person with a machine gun can do a disproportionate amount of damage in that first second or two. The British army learnt that lesson back in 82 and changed their training appropriately.

But secondly there is a deeper problem with “Humans, understand the attack”, actually they don’t untill long after the “heat of war” and the dust has settled and there is time for reflection. You have noted this in the past about wining and loosing generals “fighting the last war again”. It’s one of the reasons why “officer training” and “Staff college” do so many “battle simulations”.

In general once an attack has started it’s not a “reactive defence” that works but if neither mittigation or proactive defences are in place the it’s an “Infinite number of monkeys…”[0] solution in most cases that “gets lucky”.

But dig a little deeper and you find the issue of “threat perception”. That is what is and is not seen as an attack and more importantly even if it is an attack does it warrant a response. Humans are fairly bad at this due to the “frog-boiling”[1] issue.

It’s actually a major problem that AI will probably not be able to help with. As more often than not the “call” is based on guessing or “gut feelings” due to lack of understanding or knowledge.

Whilst “gut feelings” are part of “thinking hinky” few get then and even fewer convert them to making the right judgment call, because they lack understanding/knowledge to convert the feeling to rational action. I doubt that AI will ever get “gut fealings” or ever have sufficient knowledge/understanding to respond correctly.

To see why, the knowledge/understanding issue is so important you need to think like an attacker combined with being an intelligence specialist that can see what others can not or chose to ignore. In the past I’ve developed attacks that exploit these issues. I mentioned a couple on this blog several years ago.

One was using a “diversionary attack” as an insider against the “code review process” to install a system that leaked key information. That is design in a back door, but not by trying to hide it. But make it look like it was a security feature so that there was a fully defendable explanation that was used “proactively” not “reactively” thus lead “the defenders into a trap of their own making”.

The other was to use what looked like a “script kiddy” attack to work out remotely which systems were using Virtual Machine technology and which were not thus perform target selection to pull out the traffic/hardware to watch. It was very effective against “honey nets”.

Both exploits were successful and proved a point about weak defenses to the defenders. Unsupprisingly even when the point was made it was ignored on the NIH principle…

Which is a very human failing that is also easy to exploit as the exploits showed. The point is it will be even easier to do against AI systems. Because you will as attackers currently do with Anti-viruse software test and tune your attacks on a duplicate AI system.

Which brings us back to what computers are good at which you note with,

They can scan computer code to look for particular kinds of vulnerabilities, and data packets to identify particular kinds of attacks.

This actually has a detrimental effect on the humans… That is their perceptions and most importantly their skill set and “thinking hinky” ability.

As more and more tests and examples are showning AI is a usefull tool to reflect the prejudices and other failings not just of those who design the systems but also of those who use them.

Worse whilst humans will fight prejudiced humans, AI is like magic to most and there is that in built fealing due to lack of knowledge/understanding that there is anything they can do against AI and it’s outputs.

The sad reality is that this game is over and those developing the attack computers have already won and the defenders lost the ability to reactively defend. Which means attention should be focused on mitigation and proactive defence not reactive defense.

Commercial enterprises however work mainly by being reactive as mittigation and proactive defense are frequently seen as “sunk costs” which is taking money from the share holders. Whilst the Internet remains a very target rich environment the “short term” risk of being a low hanging fruit player makes sense. Long term and as the number of attackers increase it is a very bad risk. But with business execs having a very short term view and rapid employment change, they are often gone before their short term risk goes bad…

Thus if we want to improve security meaningfully we have two basic choices,

1, Put sensible mittigation in place.
2, Use proactive not reactive defence.

Often these are so similar they are difficult to distinguish. However a mittigation usually has a longer security life. For example issolation of a system from the Internet and other communications will usually out last placing a firewall or similar between the system and the Internet security wise.

That said even an isolated system still needs proactive defensive measures to protect against “insider issues”. If you take a broader view the majority of attacks are caused by insider human failing or insider human design. After all it only takes a simple mistake / rouge action to put a bridge across from the Internet to the issolated system. There are so many ways to do this that you have to plan for it happening if you want the system to remain secure.

But how do you plan for it?

That brings you back to the issue of “Known knowns, unknown knowns and unknown unknowns”. AI can easily deal with “known knowns” but less than humans on “unknown knowns” as for “unknown unknowns” few humans can deal with them and currently no AI systems can.

Which makes AI the “general that won the last war” but has not moved forward in their thinking.

As I said at the start moving AI forward in security is a resource issue and few currently will spend resources on it unless it saves costs else where. Which in the current state of play is only going to be to meet an auditors check list on a asspect of the business that brings bussiness advantage thus share holder gain. This situation is unlikely to change untill AI has become sufficiently advanced in business advantage thus money earning domains that the cost of moving it to security will be sufficiently low that revenue can be raised from it. It is only when that tipping point is reached in the commercial world will it be worth risking an investment in AI for security…

[0] This comes from the old saying about an infinite number of monkeys just hitting the keys on an Infinite number of typewriters will one day produce the entire works of William Shakespeare. In the short term it’s a “hit all the keys” almost random defense. People try just about every thing they can think of without valid reasoning, and someone gets lucky and then tells everyone else.

[1] This is the “warm the water slowly” argument where you desensitize the target. Whilst not actually true for frogs it is true for humans when involved with thinking issues. The human mind becomes fatigued fairly quickly and response times drop and shortly there after fine judgment starts to go down. The same problem exists as the work load rises.

[2]

Clive Robinson • March 15, 2018 7:05 PM

@ echo, Cassandra, impossibly Stupid,

We will never achieve perfect but I’m not asking for perfect. I’m wondering if a general purpose tool can be built to sanity check security

The answer to that is “Most defiantly Yes”

Think of the problem in three parts,

1, Design better hardware with specific detection techniques.

2, Design the software with the right tools.

3, Detect anomalous behaviour during operation.

It’s not perfect because an insider could turn the system off and change the way the detection system works and turn it back on again. Which is where Kurt Gödels little theories on logic and maths give the problem.

However there are things you can do to get way way better security than other current architectures.

For instance whilst Gödel’s little theorms apply to Turing Compleate systems certain types of other logic systems like simple state machines that are fully maped out can be made in such a way that Gödel’s theorem does not apply (becaise they are insufficiently complex). However even though simple and highly determanistic such state machines are still very useful for certain security functions…

For example imagine that you halt a CPU and tristate it’s busses. You can then take over the memory and walk through every piece of “static heap” / “executable” memory with the simple state machine and build a CRC or Crypto Hash of the memory contents. This can be simply checked against the value it should be. If anything has changed then the test will fail and that will raise a flag in the simple state machine that generates an interupt to a hypervisor that can then perform other tests on the base CPU memory.

How often you halt the base CPU and walk it’s memory is a time based choice. If you decide to run them frequently then the CPU will spend an apreciable time halted and will thus have a high base processor inefficiency but near zero chance that malware can take over the base CPU. Obviously as you decrease the halted time the risk of malware taking over goes up. Thus you end up with a probabilistic detection system.

Other things you can do is put the base CPU behind a Memory Managment Unit which is controled not by the base CPU but the otherwise entirely seperate hypervisor. Thus an attacker has no way to change the setting of the MMU. Provided you make the granularity small the base processor can be given only the memory needed for it’s task. Thus not providing “slack space” where malware might hide.

If you make the function the base processor runs relativly small then you can pre-calculate times etc that act as execution signitures. If they miss then the monitoring state machine can halt the CPU and go into memory content checking…

Further if you have three base CPUs all running the same relatively small function with the same input data then you can use “voting protocols” to see if there are any dissimilar outputs. Again the monitoring state machine can halt the CPUs and run a memory check. If the CPUs have a different ISA then there is no way that malware can infect all three base CPUs at exactly the same time. Thus as the malware changes the execution of the first base processor all three are halted before any real harm can be done.

As I noted earlier it’s not perfect and it is probablistic in nature. But it puts the odds of a malware infection happening a long long way down on current architecture.

There are a number of other things that can be done to improve the security like using a Harvard not von newman CPU architecture. But those above should give you a reasonable taste of what is and is not possible.

I hope that helps your thinking things through and gives you the sort of answer you are looking for.

Clive Robinson • March 16, 2018 3:28 PM

@ echo,

I believe it’s easy to misunderstand the problem hence grabbing at Godel and not understanding intersectionality. If this kind of flawed log was followed to its ultimate conclusion nobody would bother with syntax checkers which is of course absurd.

The real issue is the Tolkin “One ring to bind them all” problem.

For some reason we accept the fact that workshop/factory machine tools as they become more powerfull become more specialised thus of less general use.

But we don’t accept that with software tools. People want one application to solve all problems. This alone should tell you there are real problems with the perception of ICT. Not just in the general population but actually inside the ICT industry and worse still in the sub domain that is security.

In part we can blaim the sales people that talk long but deliver short. There never was “The one tool…” and even industry gurus need to accept that and make sure the message gets out.

For instance “bubbling up attacks” have been known about since atleast the early 1980’s to my certain knowledge, but I find plenty of refrences to parts of it in books going back before the late 1960s.

Yet for some reason Rowhammer came as a compleate shock to almost the entire ICTSec industry. Do I need point out the dropped jaws for Spector and Meltdown and perhaps the more recent ones with regards AMD.

If you look back you will find that not only did I say “This is an Xmas gift that will keep giving” I specifically warned that accademics and similar would open up the architecture issues and find many more new examples.

It’s not just an understanding of how humans work look at the entire history of BadBIOS and audio side channels for a prime example that’s virtually got it all. But also an understanding of how the technology works at the levels below the CPU/ISA level and most importantly why they came about.

Somebody recently claimed I was a “Know it All” well I don’t nobody can, but I do know enough key factors in specialised areas that not only can I make more general, I can also explain why it’s not magic, in fact it’s just very predictable and like avalanches just need that one snow ball to get things moving in quite predictable ways…

My background is engineering, not in a specific domain or narrow field of endevor but in many. The secret as I’ve explained before is generalised tool sets. That is each domain or field of interest develops it’s own tools and skills. Usually they are very hard won, however they are frequently eminently transferable from one domain to many. You just have to have a brain that can do the pattern matching then light touch to get them just right for a new problem area… Part of that is @Bruce’s point about “thinking hinky”, but as importantly knowing the fundemental foundations so you can build solid solutiins not fairy tale castles in the clouds.

It aint rocket science, but there is two way transfer 😉