Biomimicry in computer security: ants vs. worms

ant headWe have a tendency to name software entities after biological creatures whose behaviours they remind us of – think of viruses in general, or worms. Now a bunch of computer security geeks are coming from the other direction, taking inspiration from nature’s creatures for the next weapon in the never-ending war against malware and viruses… few species are more effective at responding to intrusions into their system than the ant, after all. [via SlashDot; image by CharlesLam]

Unlike traditional security devices, which are static, these “digital ants” wander through computer networks looking for threats, such as “computer worms” – self-replicating programs designed to steal information or facilitate unauthorized use of machines. When a digital ant detects a threat, it doesn’t take long for an army of ants to converge at that location, drawing the attention of human operators who step in to investigate.

The concept, called “swarm intelligence,” promises to transform cyber security because it adapts readily to changing threats.

“In nature, we know that ants defend against threats very successfully,” explains Wake Forest Professor of Computer Science Errin Fulp, an expert in security and computer networks. “They can ramp up their defense rapidly, and then resume routine behavior quickly after an intruder has been stopped. We were trying to achieve that same framework in a computer system.”

[…]

“Our idea is to deploy 3,000 different types of digital ants, each looking for evidence of a threat,” Fulp says. “As they move about the network, they leave digital trails modeled after the scent trails ants in nature use to guide other ants. Each time a digital ant identifies some evidence, it is programmed to leave behind a stronger scent. Stronger scent trails attract more ants, producing the swarm that marks a potential computer infection.”

Let’s just hope it takes the black-hat kids a long time to code up a software aardvark, eh?