This article can also be found in the Premium Editorial Download "Information Security magazine: Security researchers on biometrics, insider threats, encryption and virtualization."
"This technology sets up a trusted relationship, without PKI, so it's much cheaper," Perrig says. "It would need pretty much no infrastructure; it just locally works. If you have people from different companies and have the system installed, you can instantly set up keys and securely communicate."
SiB also reduces the chances of falling victim to a man-in-the-middle attack, in which an attacker impersonates one end of a communication and routes the traffic through themselves. SiB has a built-in failsafe that detects the intercession of another key and asks whether the user wants to allow it access. In most cases, this key would be an attacker's.
"We want to provide security that is easy to use and provides security guarantees in all aspects of a transaction," Perrig says.
Guarantees are another thing Perrig is big on. Take, for example, his guarantee that a tiny 1,000-byte piece of hypervisor code he co-wrote with fellow CyLab researchers Arvind Seshadri, Mark Luk and Ning Qu, called SecVisor, will protect an operating system against any malware in the wild today.
"SecVisor write-protects the kernel so that no one can access it," Perrig says. "It will only allow a list of modules that are allowed to run on a particular OS and only permits this software to execute."
SecVisor stops kernel-level rootkits in their tracks and even detects the undetectable Blue Pill virtual rootkit, Perrig says. Only code approved by an admin is executed with kernel privilege, and all code loaded into the kernel is checked against this policy before it runs.
"SecVisor virtualizes the physical memory, which allows it to set hardware protections over kernel memory that are independent of any protections set by the kernel," Perrig et al. write in a paper describing the project.
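The write-protect-and-approve policy described above, as an added illustrative model (example code, not SecVisor's own): kernel pages are writable or executable but never both, a page becomes executable only when its contents match an admin-approved hash, and writes to executable pages are refused regardless of what the kernel asks for. FNV-1a stands in for a real hash, and the byte strings are constructed samples.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAGE_SIZE 64
enum { PERM_W = 1, PERM_X = 2 };                  /* never both on a kernel page */
typedef struct { uint8_t data[PAGE_SIZE]; int perm; } page_t;
static page_t kmem[4];                             /* simulated guest kernel memory */
static uint64_t approved[8]; static int napproved; /* admin-approved code hashes */

static uint64_t fnv1a(const uint8_t *p, size_t n) { /* stand-in for a real hash */
    uint64_t h = 1469598103934665603ULL;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 1099511628211ULL; }
    return h;
}
void approve_code(const uint8_t *code, size_t n) { approved[napproved++] = fnv1a(code, n); }

/* Load-time check: only approved contents become executable, and the writable
   bit is dropped so the code cannot be patched afterwards. */
bool load_kernel_code(int pg, const uint8_t *code, size_t n) {
    bool ok = false;
    for (int i = 0; i < napproved; i++) ok |= (approved[i] == fnv1a(code, n));
    if (!ok || n > PAGE_SIZE) return false;
    memset(kmem[pg].data, 0, PAGE_SIZE);
    memcpy(kmem[pg].data, code, n);
    kmem[pg].perm = PERM_X;
    return true;
}
/* Hypervisor write protection: writes to executable kernel pages are refused no
   matter what the (possibly compromised) kernel requested. */
bool kernel_write(int pg, size_t off, uint8_t byte) {
    if (off >= PAGE_SIZE || (kmem[pg].perm & PERM_X)) return false;
    kmem[pg].data[off] = byte;
    kmem[pg].perm |= PERM_W;
    return true;
}
/* Kernel-privilege execution is allowed only from policy-approved pages. */
bool kernel_exec(int pg) { return (kmem[pg].perm & PERM_X) != 0; }

/* Run an approved module and an unapproved one through the policy; true when
   every expected outcome holds. Byte strings below are constructed samples. */
bool secvisor_demo(void) {
    static const uint8_t good[] = {0x55, 0x48, 0x89, 0xe5, 0xc3};
    static const uint8_t bad[]  = {0xcc, 0xcc, 0xcc};
    approve_code(good, sizeof good);
    return load_kernel_code(0, good, sizeof good) && kernel_exec(0)
        && !kernel_write(0, 0, 0x90)               /* patching approved code refused */
        && !load_kernel_code(1, bad, sizeof bad)   /* unapproved code never gets X  */
        && kernel_write(1, 0, bad[0]) && !kernel_exec(1);
}
int main(void) { printf("policy holds: %s\n", secvisor_demo() ? "yes" : "no"); return 0; }
```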
Virtualization is hot right now. Companies are consolidating servers and systems to cut licensing costs and conserve data center space and, more importantly, energy consumption. Many organizations are moving forward on these projects with little consideration for the security of virtual environments. Attacks against the kernel are especially dangerous because usually, once a kernel is owned, it's owned forever.
Perrig says he's ported SecVisor to Windows and Linux, with very few modifications to either OS. He says SecVisor could be commercialized soon.
"Microsoft is very interested in it; we're talking to them about adopting some of the technology," Perrig says. "From the time I sent them an email about SecVisor, I had a response within hours, and within days they sent me a disk with the source code of the Windows kernel."
CyLab boasts 50 faculty and more than 130 graduate students, all of whom are contributing to a diverse set of projects such as SecVisor, Seeing is Believing, insider threat modeling or facial matching. Additional work is being done around privacy, risk management, and more technical areas such as audio CAPTCHA for authentication, botnet detection and e-voting security.
This was first published in November 2008