Cybersecurity done the ant colony way

Sometimes it's truly curious who or what inspires us to achieve our best.

There are those sports teams who, sadly, sing "Wonderwall" by Oasis before entering the arena.

There are artists whose muses turn out to be more Pamela Anderson than Laurie Anderson.

And now, according to the Telegraph, some rather honest scientists from Wake Forest University confess that they have been inspired to create rather progressive cybersecurity software by staring at ants for a very long time.

I've never realized this when I've stood on a few hundred of them heading for my kitchen waste basket, but ants are apparently quite clever at defending themselves.

They use something called swarming intelligence.

Inspirational.

(Credit: CC SnapR/Flickr)

It seems to be a little like the strategy the police use when confronted by protesters at an event like the G20 conference. Once an ant senses a danger, he is joined by more and more ants until the threat is repelled.

A team at Wake Forest was so inspired by this approach to antagonism that it wondered whether it could create security software in which digital "ants" could call for reinforcements the minute they sensed the unwanted presence of a disaffected Swedish 14-year-old.

Professor Errin Fulp told the Telegraph: "In nature, we know that ants defend against threats very successfully. They can ramp up their defense rapidly, and then resume routine behavior quickly after an intruder has been stopped. We were trying to achieve that same framework in a computer system."

The Wake Foresters believe that this new software will allow for much quicker detection and return to normal computer function.

Glenn Fink (what fine names this research team seems to enjoy) told the Telegraph: "Our idea is to deploy 3,000 different types of digital ants, each looking for evidence of a threat. As they move about the network, they leave digital trails modeled after the scent trails ants in nature use to guide other ants."

This Fink and Fulp ant idea seems rather clever to me. If only I could use it to repel people on the street who ask me to sign petitions, give money or offer directions to the Hustler Club.

[mbenedict]

Meh, nothing new here.

E.g., here's an attempt from 2007:

http://www2.computer.org/portal/web/csdl/doi/10.1109/ICIW.2007.42

An older one from 2006 to detect DoS attacks and apply countermeasures:

http://ieeexplore.ieee.org/xpl/freeabs_all.jsp?arnumber=4068066

[dlevinson15]

What a fluff piece.

As a computer security professional I have no idea what they are talking about - nor, I suspect, does the writer of this article.

So is the idea to create not an "ant" but 3000 worms that travel from end point to end point in a network looking for signs of infection or attack? How is that better than end point security that calls back to the cloud when it encounters anything suspicious (as a number of the commercially available products do, see Symantec's Quorum for an example)? Actually, the wandering ants/worms sounds a lot worse.

[jabelar]

I agree. The analogy to ants doesn't seem good at all. First of all, thousands of different software agents looking for threats is not the same thing as a bunch of the same ants gathering to repel an invader. And the ideas of leaving "trails" sounds fishy too -- is this just another word for logs or security audits? And ants' ability to detect other antlike intruders is based on biochemicals that are unique to the colony -- where is the analogy in random cyber-attacks? The only thing that seems to make sense is that maybe they're saying that many smaller security systems work better than one monolithic one -- which may be true -- but otherwise what is ant-like about this?

[setjeff15081947]

Ah! The professionals don?t dig this possible Security-Threat-Deterrent from Nature. That?s good enough for me to believe there might be something there, or elsewhere in Nature; remember, she can be One-Tough-Cookie.
I?m reminded of two young gentlemen, college drop-outs both, and iconoclasts, I suppose, in their own right. Back in The-Olden-Days, they were sitting in one of their garages and dreaming about something they called a ?Graphical-User-Interface?. Microsoft, DOS-1.0, said ? Bah! Humbug, I say ? Humbug! Anybody on here remember those two weirdoes from the year 1980?

[jdbeard]

The writer ought to know that all worker ants, like the one pictured, are females. Male ants exist, but are disposed of after mating.

[maniopas]

Well, this security technique sounds prety revolutionary to me.

Of course, in case we had "ants" that are worms, things would not be nice at all, since a good hacker could easily emulate the digital signature or inflitrate any "ant" and thus break the whole system down.

However, there could just be some characteristic bytes ("ants") that their interception from a node is marked with some program. In case there is seccured no bogus "ant" to enter the network, I believe that this would be an effective idea.
Naturally, I could have missed something or the Fink and Fulp ant idea may have nothing to do with what I outlined above. I just did so in order to show that it has some potential.