How to Defend Against Unknown Attacks (and lifehacking: more-efficient-sleep machine update)

[users of certain webmail services: my mails appear to be getting intermittently spamfiltered. You should be getting at least one a day. If not, check your spam folder.]

A team led out of Canada’s Concordia University devised a way of measuring the security of a network against unknown attacks. By identifying not just the number of hops an attacker would have to make but the number of different types of exploits an attacker would have to use, it becomes possible to quantify the odds of resisting some unknown exploit.

From there, it becomes (at least conceptually) easy to increase the network’s security by optimizing for a larger value of the security metric.

In essence, this does for the old concept of ‘defense in depth’ what the Russian radar-cross-section equations did for the development of stealth aircraft. What once was an art of “this seems about right” can now be made a science.
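A simplified sketch of the metric described above, added here as an illustration (it is not the Concordia team's code or algorithm): it brute-forces the smallest set of distinct exploit types that opens any path from an entry point to an asset. The host names, service labels and sample networks are constructed assumptions.

```python
from itertools import combinations

def reachable(edges, allowed, src, dst):
    """True if dst is reachable from src using only edges whose exploit type is in allowed."""
    seen, stack = {src}, [src]
    while stack:
        node = stack.pop()
        if node == dst:
            return True
        for a, b, kind in edges:
            if a == node and kind in allowed and b not in seen:
                seen.add(b)
                stack.append(b)
    return False

def min_distinct_exploits(edges, src, dst):
    """Smallest set of distinct exploit types that opens some path src -> dst.
    Returns (k, types), or (None, None) if dst cannot be reached at all.
    Brute force over subsets: fine for small models, exponential in general."""
    kinds = sorted({kind for _, _, kind in edges})
    for k in range(len(kinds) + 1):
        for combo in combinations(kinds, k):
            if reachable(edges, set(combo), src, dst):
                return k, set(combo)
    return None, None

# Constructed sample network: (from, to, service an unknown exploit would have to target)
BASELINE = [
    ("internet", "web", "http"),
    ("web", "app", "ssh"),
    ("app", "db", "ssh"),
]
# Same topology, but the app -> db hop now exposes a different service
DIVERSIFIED = [
    ("internet", "web", "http"),
    ("web", "app", "ssh"),
    ("app", "db", "sql"),
]

if __name__ == "__main__":
    for name, net in (("baseline", BASELINE), ("diversified", DIVERSIFIED)):
        k, kinds = min_distinct_exploits(net, "internet", "db")
        print(f"{name}: k={k} via {sorted(kinds)}")
```

In the baseline network the path is three hops long but needs only two distinct exploits, because ssh is reused on two hops; giving the last hop a different service raises the value to 3 without adding a single hop.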

Lifehacking: Remember the “get 8 hours of sleep in 30 minutes” citation from a while back? Well, I haven’t achieved that (not that I’ve tried only 30 minutes of sleep). However, I’ve made some significant progress.

The best solution I’ve found so far is an extremely simple one: a 555 timer putting out an ~0.7Hz train of pulses with about 50% duty cycle, driving two small incandescent bulbs. The lamps hang over my face while I’m sleeping. This is fucking weird at first (and not really compatible with partners), but the holy-shit-I-slept-well feeling is worth it.

Note I’m not using LEDs! Incandescent lamps turn on and off much more slowly. This isn’t just much more pleasant than something going “boom-ON!, boom-OFF!” all night.

Sudden turn on/turn off is the visual equivalent of a square wave, which Fourier theory tells us contains a lot more frequencies (harmonics) than the fundamental 0.7Hz frequency. I picked 0.7Hz because it’s at the bottom of the “delta” range, which is well established in the literature as being associated with deep and restorative sleep. An 0.7Hz square wave, however, is made up of many higher frequencies as well — some of which are associated with being awake. Not helpful here.

Incandescent bulbs turn on and off smoothly, acting as a low-pass filter to make sure the only frequencies reaching the brain are well within the “deep sleep” range.

LEDs would require a more complex circuit to get the same effect.

Note that the 555 timer’s 200mA source/sink capability means no other components are required if you use 0.1A bulbs. (I’m currently using one 0.4A bulb and one 0.1A bulb, so I added a BC337 transistor as buffer.)

“, instead of attempting to measure which zero day vulnerability is more likely, our metric simply counts how many distinct zero day vulnerabilities a network can resist, regardless of what vulnerabilities those are; a larger number indicates a relatively more secure network, since the likelihood of having more distinct unknown vulnerabilities all available at the same time, applicable to the same network, and exploitable by the same attacker, will be lower. […]

First, to the best of our knowledge, this is the first effort capable of quantifying the security risk of a network against unknown zero day attacks. Second, we believe the metric would bring about new opportunities to the evaluation, hardening, and design of secure networks.”

