Proceedings Article | 9 May 2018
Patrick Jungwirth, Philip Chan, Thomas Barnett, Abdel-Hameed Badawy
KEYWORDS: Computer security, Information security, Defense and security, Control systems, Network security, Operating systems, Internet, Computer architecture, Computer programming, Integrated circuits
We will review cyber-security, and chart a course for the future. To understand the problems of cyber security is to know the risks and the fundamental issues encompassing it. Today, the internet and computers have no boundaries. Data is available locally, remotely, and distributed in the cloud. Connectivity, and sharing across software applications has caused a super-exponential growth in the number of possible ways to exploit systems. There is a great need for seamless cybersecurity protection covering: prevention, identification, and defense against attacks. We need cybersecurity that is simple to use, has low overhead, and really works. We believe the future of cybersecurity is at the hardware level. There are no boundaries to cybersecurity. Cyber attackers, intruders, pranksters, and malicious users can be external, internal, local, next door, or on the other side of the world. The attacker’s goal is to exploit a weakness, remain anonymous, and take advantage of stolen information. Risks are many covering simple to define to beyond the state-of-the art to understand. Traditional attack paths include viruses (malicious code hidden in software), worms (automatically selfpropagate), and Trojan horses (create remote back doors for attackers). More recent attack paths are taking advantage of hardware assisted virtualization, and hardware assisted virtual machines. The New Year 2018 brought, new information leakage attacks called Spectre [3] and Meldown [4]. Malicious code can combine viruses, worms, Trojan horses, scripts, et al. to attack multiple, cross-platform systems. For future cyber security, we need simple cyber mechanism(s) amicable to machine generated formal proofs for the whole system (including hardware and software). We present research directions for the future.