Seminar:  Dancing with the Adversary: a Tale of Wimps and Giants

Date: February 2, 2015
Talk Title: Dancing with the Adversary: a Tale of Wimps and Giants
Speaker: Virgil Gligor
Time & Location: 12:00pm - 1:00pm
CIC Building, Pittsburgh

Abstract

A system without accurate and complete adversary definition cannot possibly be insecure. Without such definitions, (in)security cannot be measured, risks of use cannot be accurately quantified, and recovery from penetration events cannot have lasting value. Conversely, accurate and complete definitions can help deny the adversary any attack advantage over a system defender and, at least in principle, secure system operation can be achieved. In this talk, I argue that although the adversary’s attack advantage cannot be eliminated in large commodity software (i.e., for “giants”), it can be rendered ineffective for small software components with rather limited function and high-assurance layered security properties, which are isolated from giants; i.e., for “wimps.” However, isolation cannot guarantee wimps’ survival in competitive markets, since wimps trade basic system services to achieve small attack surfaces, diminished adversary capabilities, and weakened attack strategies. To survive, secure wimps must use services of, or compose with, insecure giants. This appears to be “paradoxical”: wimps can counter all adversary attacks, but only if they use adversary-vulnerable services from which they have to defend themselves.

In this talk I will illustrate the design of a practical system that supports wimp composition with giants, and extend the wimp-giant metaphor to security protocols in networks of humans and computers where compelling (e.g., free) services, possibly under the control of an adversary, are offered to unsuspecting users.  These protocols produce value for participants who cooperate. However, they allow malicious participants to harm honest ones and corrupt their systems by employing deception and scams. Yet these protocols have safe states whereby a participant can establish (justified) beliefs in the adversary's (perhaps temporary) honesty. However, reasoning about such states requires techniques from other fields, such as behavioral economics, rather than traditional security and cryptography. 

Speaker Bio

Virgil D. Gligor is Professor in the Department of Electrical and Computer Engineering at Carnegie Mellon University.

Professor Gligor received his B.Sc., M.Sc., and Ph.D. degrees from the University of California at Berkeley. Prior to joining Carnegie Mellon, he was a Professor of Electrical and Computer Engineering at the University of Maryland (1976 – 2007). Gligor was a Visiting Professor at University of Cambridge (1999), ETH Zurich (2005), EPF Lausanne (2006), and a Research Professor at Singapore Management University and University of Maryland (2008-2011). He was a consultant to the Burroughs (1977-1981) and IBM (1984-1999) corporations, and has served on Microsoft’s Trusted Computing Academic Advisory Board (since 2002), SAP’s Security Advisory Board (since 2011), and Queen’s University Belfast CSIT Advisory Board (since 2012).

For nearly four decades, Professor Gligor’s research interests have ranged from access control mechanisms, penetration analysis, and denial-of-service protection to cryptographic protocols and applied cryptography. His research addresses problems of trustworthy computing in the presence of an active adversary (e.g., malware, malicious insiders) and the next-generation secure Internet.

Gligor served the profession as the chair or co-chair of several conferences and symposia, including the ACM Computer and Communications Security Conference, the IEEE Security and Privacy Symposium, the Internet Society’s Network and Distributed Systems Security Symposium, IEEE Dependable Computing for Critical Applications, and the IEEE-ACM Symposium on Reliability in Distributed Software and Databases. Gligor was an editorial board member of several IEEE and ACM journals, and the Editor-in-Chief of the IEEE Transactions on Dependable and Secure Computing.

The Association for Computing Machinery (ACM) named Professor Gligor as the recipient of its 2011 Outstanding Innovation Award for security and privacy research. The award, bestowed by ACM’s Special Interest Group on Security, Audit and Control, recognized Gligor’s innovations in secure operating systems as well as covert channel analysis, intrusion detection, and secure wireless sensor networks.

Professor Gligor also received the 2006 National Information Security Award for pioneering research in information security, an award jointly given by the National Security Agency and National Institute of Standards and Technology in the US.

In 2013, Gligor received the IEEE Computer Society Technical Achievement Award for pioneering work and leadership in the area of computer and network security.