Thwarting attacks with genetically-inspired computer configuration systems
In the seemingly unending search for computer security solutions that are both reactive and proactive, researchers have occasionally turned to other sciences for ideas.
In creating an algorithm that searches for and implements more secure computer configurations, computer science associate professor Errin Fulp and graduate student Michael Crouse from the Wake Forest University in North Carolina have been inspired by genetics.
“A lot of security instances that we read about ultimately are the result of a poor configuration in some form or fashion,” said Fulp, explaining that modern cyber attacks are usually performed in two waves – first reconnaissance, then action based on the discovered information.
“Just as one might try to prevent a home robbery, our goal is to create a ‘moving target defense’ that detects cyber threats when they first case the house. If we can automatically change the landscape by adding the technological equivalent of security cameras or additional lighting, the resulting uncertainty will lower the risk of attack,” he pointed out.
Their goal is to make the system able to lear form experience, adapt and – above all – is automated, so that already often overwhelmed administrators aren’t saddled with additional work. To do that, they took cues from nature and the evolution process.
“Typically, administrators configure hundreds and sometimes thousands of machines the same way, meaning a virus that infects one could affect any computer on the same network,” Crouse added. “If successful, automating the ability to ward off attacks could play a crucial role in protecting highly sensitive data within large organizations.”
The two researchers started their work in March 2011 and, according to the Winston-Salem Journal, they already have a prototype that shows a lot of promise.
Unfortunately, the grant money they received for the project from the Pacific Northwest National Laboratory is running out. They estimate that three more years and $500,000 would allow them to conclude it successfully, and they are currently looking for individuals or organizations that would sponsor their research.
This is not the first time that Fulp collaborates with Pacific Northwest, nor the first time he was inspired by nature in his quest for innovation.
In 2009, he started a project aimed at creating “digital ants” that wander through computer networks looking for threats. Once found, the ants would swarm the location and draw the attention of human operators to it so that they can step in to investigate.
The value of the project was proven when Fulp introduced a worm into the network and the digital ants successfully found it. As work on it is still ongoing three years later, it is likely that we might soon find the technology implemented in security solutions.