Computer scientists are using insect behavior as inspiration for computer security. Researchers at Wake Forest University and the Pacific Northwest National Laboratory (PNNL) in Richland, WA, are modeling their adaptive “swarm intelligence” network security on how ants defend their colony from attack. “In nature, we know that ants defend against threats very successfully,” said Wake Forest professor Errin Fulp. “They can ramp up their defense rapidly, and then resume routine behavior quickly after an intruder has been stopped. We were trying to achieve that same framework in a computer system.”
The key to this system is that it is adaptive, which is crucial in a world where malware variants are always ahead of security. The attack-and-relax method Fulp describes above should ease network resources while ensuring the system's flexibility, as each node, each "ant" looks for potential threats.
“Our idea is to deploy 3,000 different types of digital ants, each looking for evidence of a threat,” Fulp said.
“As they move about the network, they leave digital trails modeled after the scent trails ants in nature use to guide other ants. Each time a digital ant identifies some evidence, it is programmed to leave behind a stronger scent. Stronger scent trails attract more ants, producing the swarm that marks a potential computer infection,” Fulp said.
Early experiments with the digital ants has been successful.
The researchers say the security system will work best for large networks with identical computers like corporations, government organizations and schools. User-controlled “sentinels” ultimately control the swarm, so no need to worry about it getting all MCP on your network.