Big Bad Beowulfs Again

Eugene Leitl eugene.leitl at lrz.uni-muenchen.de
Sat May 13 18:13:22 PDT 2000


jok707s at mail.smsu.edu writes:
 > All this talk of genetic engineering has been very interesting, but I'd like 
 > to get back to the subject of pure cyber-war.

I'm surprised that no one has so far suggested the usage of a Beowulf
as a distributed engine for exploit detection, and development of
machine instruction mutation engine (to achieve full code polymorphism
plus robust self-modification).

A worm which is capable to mutate its opcodes robustly, can obviously
find new exploits (judging from bugtraq blips, the exploit space is by
no means exhaustively sampled, and coding standards do seem to be
declining, especially in the application layer), and mutate itself to
be indetectable by simple pattern-driven countermeasures.

A machine opcode emulation sandbox (http://www.bochs.com/ would seem a
good starting point), plus development of a robust mutation function
including screening (fitness function) does obviously require
nontrivial crunch resources. The fastest way to revive crashed MS
boxen would seem to revert to a standard sane state in an emulator,
anyway. Even watchdog-triggered reboot from a solid state drive would
seem too slow (?).

In fact, a fledgling worm with above capabilities can bootstrap its
own substrate, if released into the wild. Clearly, the bandwidth
requirements vs. crunch are negligeable. Any takers?

[...]
 > Thanks again for everyone's feedback.  And if I ever want to create any 
 > genetically engineered weapons, I'll know where to turn. :-)

The strange thing is, that even on this list, people still think we're
joking. 

Regards,

Eugene Leitl

P.S. we don't wear hats, but our lab coats are lily-white




More information about the Beowulf mailing list