The Future of System Security Research: Composition Focusing and Data Centric
Tomorrow’s computing will be ubiquitous, interconnected, interoperable, sensory and data intensive. Protecting such computing needs new technologies that not only secure individual systems but also safeguard their integration (e.g., a smartphone’s management of a smartwatch, backed by cloud services) in the most user-friendly way (e.g., with minimum effort for configuring security settings) and the most intelligent way (proactive identification of threats, putting protection ahead of hazards). To make this happen, I believe that the two greatest security challenges need to be addressed: how to enable secure composition of diverse computing systems and resources (devices, services and others), and how to protect big data and leverage it to make secure computing smarter and more effective.
Traditional system security research focuses more on security weaknesses within a single OS, a single program or a single service. We believe, by contrast, that future security threats will aim at the boundaries between different components: e.g., management of smart watches and home automation devices through smartphones, synchronization of system states across mobile devices, web applications deployed across mobile phones and the cloud, and integration of multiple services (payment and SSO) into a single web service. Such boundaries (the ways those systems and resources are integrated) expose a huge attack surface and are increasingly hard to secure. Our prior research shows that service compositions involving leading web services (Google, Amazon, PayPal, Facebook) and mobile systems (phone-controlled IoT, etc.) are all vulnerable, often due to misunderstanding about what different components can protect and what they cannot. Even more challenging is how to integrate these systems in the most user-friendly way without undermining the security protection in place. Ideally, one should be able to connect her phones to her watch, smart fridge and medical devices even without configuration, and quickly integrate PayPal and Google SSO into her code with a single line of instruction. In practice, this cannot be done using today’s techniques without security consequences, as found in our work. Since future computing will enable the user to freely move her computing across devices and use services and resources from different sources, fully understanding the security risks in piecing those individual puzzle pieces (systems, resources) together and developing automated techniques to support this process will be right at the center of security innovation.
Also important here is the availability of a huge amount of data and the progress of big-data analytics. The privacy challenge here is significant, since the amount of private information that can be derived from such data is unprecedented, as pointed out by the 2014 report to the President. Today’s cryptographic techniques are not designed for protecting data at such a scale. Our research shows that techniques tailored to the unique features of the data (such as human genome data) have great potential to move security techniques towards the practical end. In the meantime, the availability of big data also presents security researchers with a great opportunity to better understand the adversary: what they have done, what they are about to do, what their strategies and infrastructures are, etc. Leveraging such information, we can seize the opportunity to revolutionize security technologies, making them smarter and proactive. As an example, our Android malware detection system http://www.appomicsec.com demonstrates that we can achieve a very high detection rate and capture unknown malware without resorting to the malware signatures and known malicious behavior used by commercial AV systems today.