Video demonstration of Helix protecting a PDF viewer against a malicious PDF email attachment.
Problems with Today's Defense
The band-aid approach to protecting information systems via patching is widely considered to be inadequate. Even approaches that incorporate intrusion detection and tolerance have proven ineffective against determined and well-funded attackers who have at their disposal a growing arsenal of evasive, stealthy, adaptive, polymorphic and metamorphic attacks. A fundamental problem with current defenses is that they do not redress the asymmetry between attackers and defenders, changing the target system only slowly and reactively in response to attacks.
The Helix self-regenerative architecture, on the other hand, begins with a combination of defense mechanisms that is both highly effective and metamorphic, thereby presenting attackers with a continuously changing attack surface, i.e., a metamorphic shield, that is altered routinely and as attacks progress. An attack that manages to overcome these defenses is then faced with the Helix innate response mechanism which creates a more aggressive system metamorphosis. This metamorphosis seeks to contain the effects of the attack and to reconfigure to provide rapid recovery and continued service. Finally, the Helix adaptive response mechanism examines the basic application system design at the level of its implementation and effects repairs that will ensure that future attacks of the same or similar form will be deflected, either by removing the path to vulnerabilities or the vulnerabilities themselves.
Helix TeamThe Helix team consists of researchers from the University of Virginia, the University of California, Davis, the University of New Mexico, and the University of California, Santa Barbara. Together, this coordinated project seeks to fulfill the Helix vision by advancing the state-of-the-art in several related areas of research.