Kurt Gödel changed the face of mathematics with a single stroke, by proving that an accepted truth about the completeness of the natural numbers system was actually unprovable. Computer science, which relies on the axioms of the natural numbers system, continues to bear the weaknesses exposed by Gödel’s refutation, and modern software detection is one specific niche that suffers from this flaw.
| Kurt Gödel (Photograph by Alfred Eisenstaedt) |
Gödel was an Austrian mathematician, logician and philosopher of the 20th century who specialized in logic and its implications for the foundations of mathematics. He studied at the University of Vienna and focused his inquiries on the fundamental concepts of the natural numbers system (i.e., 0, 1, 2, 3, …), which forms the basis of algorithmic logic and computer science. This system has a set of axioms defining the borders of its logic, for example, that 0 is actually a natural number, and not a null representation.
A logical system has axioms of completeness and consistency: It is complete in the sense that its axioms enable the creation of all possible true statements comprised of the system’s objects, and is consistent in the sense that these axioms do not contradict each other. Gödel used these two axioms to posit an unprovable claim, as shown in the following demonstration:
Articles
S is a logical system, such as the natural numbers system.
C is a claim comprised of objects and rules from the system S.
Principles
Completeness: any claim (C) within the system (S) is provable by the axioms of the system.
Consistency: all claims within the logic of the system (S) do not contradict each other.
Gödel used these articles and principles to create the following paradoxical statement: CS cannot be proved within the system S.
On the surface, this is a provable claim, but in practice it is unprovable. The claim follows the logic of the system S, but states something that, if proven, will refute the rule of completeness (any claim should be provable), and, if unproven, will refute the rule of consistency (no claims within the same system contradict each other). By this, Gödel demonstrated what the linguist and philosopher Wittgenstein described as the inability of language to refer to itself, because the reference itself uses language. Gödel showed mathematically that systems have a limited capability of self-attribution, due to their dependence on a closed logical subbase.
| Systems have limited capability of self attribution. The Möbius Loop (From Scienceworld.ca) |
In accordance with Gödel’s mathematical manifestation of Wittgenstein’s claim, anti-virus software and similar platforms are incapable of examining the entire system while being a part of it, because they too are subject to its logical rules.
Zero-day attacks take advantage of unprecedented vulnerabilities, and thus undermine the rules of the system that they are attacking. Cyber security platforms are unable to identify these hostile utilizations because they are incapable of seeing beyond the logic of the current operating system.
Cyber security companies continue offering software-level solutions and promise top-notch detection, while in fact they are subject to this logical inconsistency, and are blind to malicious activity conducted outside their limited visibility scope.
| A Computer going through a health crisis (The ClipArt Gallery) |
Enterprises continue putting their trust in these myopic solutions, believing that it’s the best they can do, and accept the recurrences of zero-day attacks and their containment as an arms race between attackers and defenders. However, it is difficult to overlook the fact that visibility limitations are an innate attribute of software-based cyber security solutions.