backtop

Print E-mail del.icio.us 29 comment(s) - last by KLO.. on Oct 2 at 8:46 PM

A new type of security software, developed by WFU and PNNL has digital "ants" swarm on malware threats, such as worms, to allow their detection and removal.   (Source: Serving Haus)
Ants may soon be defending your work computer against worms

Windows XP and Vista certainly has them... even OS X has them.  Computer "worms" capable of replicating and spreading over networks and removable media are a perennial security headache.  Now researchers are turning to an exotic scheme to help stomp out pesky malware like worms.

Security researchers found inspiration in the common ant.  Describes Wake Forest University Professor of Computer Science Errin Fulp, "In nature, we know that ants defend against threats very successfully.  They can ramp up their defense rapidly, and then resume routine behavior quickly after an intruder has been stopped. We were trying to achieve that same framework in a computer system."

WFU created digital "ants" -- utilities that migrate from computer to computer over networks searching for threats.  When one locates a threat, others congregate on it, using so-called "swarm intelligence".  The approach allows human researchers to quickly identify and quarantine dangerous files by watching the activity of the ants.

The research could open up a new era of antivirus.  Typically, antivirus programs are large and require a lot of resources.  Slimmer programs, like Microsoft's upcoming antivirus freeware, are in the works, but resource consumption remains a significant issue.

The WFU approach is decidedly different as instead of having a monolithic AV program running on every network computer, the plan is to have 3,000 types of ants, each capable of detecting a specific malware signature.  The ants drop logs akin to real world ants' scent trails.  "Stronger" log scents indicate a detected threat and clue ants (of any type) to swarm on the infected machine.

To prevent accidental spread of the ants, the ants require a "sentinel" utility program to be running on the computer to keep them alive.  Another "sergeant" program allows administrators to monitor the colony, tweak levels of certain ants, and perform other monitoring and maintenance functions.

The system has successfully detected a worm introduced by researchers onto a computer network.  Glenn Fink, a research scientist at Pacific Northwest National Laboratory (PNNL) who coauthored the study and first dreamed up the idea of emulating ants and Professor Fulp are both using the results in their master theses.  Additionally, a larger trial of the system is currently in process.

The researchers say that the approach shows the greatest promise for large homogenous networks (with similar hardware and software on each workstation) such as governments, large corporations and universities.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
Uh oh...
By Omega215D on 9/28/2009 12:33:46 PM , Rating: 2
This might be bad for those with wallpapers resembling anything from a picnic then it won't be just worms to worry about...

Bring on the Skynet comments... or the Matrix since it does include Sentinels...




RE: Uh oh...
By BrandtTheMan on 9/28/2009 12:35:56 PM , Rating: 2
More like bring on the microscopes and the hot sun!


RE: Uh oh...
By Omega215D on 9/28/2009 1:00:51 PM , Rating: 5
I wouldn't doubt hackers are already working on a program called "Magnifying Glass" or something like it.

Raid for Ants!


RE: Uh oh...
By Aquila76 on 9/28/2009 1:08:58 PM , Rating: 2
Since we're going off topic (a little), I would have rather seen a picture of STP up there, instead of Dave Matthews (I'm assuming that's Dave Matthews, please cprrect me if I'm wrong). "Army Ants" is probably my 2nd favorite song of theirs.


RE: Uh oh...
By dayanth on 9/28/2009 3:50:30 PM , Rating: 2
What would really be worse, is if hackers started making viruses that had swarm logic in it. That would be a horrible backfire for putting that technology out there. An escalation in firepower for both sides to balance them out.


RE: Uh oh...
By Spookster on 9/28/2009 5:35:25 PM , Rating: 2
quote:
by Omega215D on September 28, 2009 at 1:00 PM

I wouldn't doubt hackers are already working on a program called "Magnifying Glass" or something like it.


Anteater would make a good name for it.


RE: Uh oh...
By wifiwolf on 9/28/2009 7:06:19 PM , Rating: 2
The flaw would be that needed sentinel. One of the million options would be to just disable it and making a flood of ants.

Now someone could point that disable it wouldn't be easy, but yes it would be just as easy as other viruses disable other anti-virus software.


RE: Uh oh...
By MrBlastman on 9/28/2009 3:42:45 PM , Rating: 3
Soooo, our computers are going to go from having a bad case of worms to having a case of ants in their pants?

I have a feeling this is just going to bring on a case of the heebie-jeebies'more than anything else. I can see it now...

*dreamy music plays*

Somewhere 'down in the deep south...

"Hey Stan! Bonnie Mae was tellin' me that my computer had some worms in it," she proclaimed with a firm, yet confused and concerned tone, "Ah checked the back of the computer where I plug stuff in and all the plug holes and didn't see any sticking out of them?"

Stan, with a bit of a grin going ear to ear, coyly tipped his glassed down from his eyes and spun his swivel chair around stopping firmly at the 180-degree mark and with a bit of flair, raised one eyebrow and looked at Mary Sue as she stood in his doorway. Oh, how he wished secretly in the back of his mind that she would give herself to him in a dirty way, but, being the loyal technician that he was, understood that he had a job to do--the reward might come later.

"Mary Sue, you did what?" He said with a quick, sharp southern drawl.

"I checked my computer's backside but din't see any worms wigglin' about," she quizzically replied.

Stan raised his second eyebrow in an instant, stopping a reflex that would cause his right hand to slap himself in the face. "If these darned gals weren't so plum dumb, I almost would feel guilty about taking advantage of them," he thought to himself... "Okay Mary Sue, why don't you come sit down in my office for a bit and I'll go take a look at your computer."

Mary Sue's eyes brightened up a little bit and her look of concern washed away temporarily to put a little sparkle back into her eyes as a smile erupted on her face. "Oh thank you Stan!," she exclaimed as she rushed into his office and grabbed his chair after he got up spinning in circles, round-n-round at his desk.

Stan grinned once again, in an evil way as he walked out the door. He remembered the last time Mary Sue had "problems" (well, problem is subjective as they went hand-in-hand with her to begin with), and how she stiffed him on the dinner she promised him. Oh if it wasn't for that sweet Southern accent all these belle's had, he would surely go mad.

Well, off Stan went to fix Mary Sue's computer. He walked right down the hall and to the right at the end, down another row of of cubicles and went right past Bonnie Mae, who turned to look as he walked by. She looked up at him with her eyes and blinked in that Southern-belle type of way that just said "I just love a man in suspenders and big round glasses," sort of way.

Bonnie Mae had the hots for Stan. She just loved a man who was smart--and could work with his hands. Too bad for Stan though, as he had it in for Mary Sue for now.

"Oh Stan," she said in a shy, yet playful tone, "Could you come help me with my computer after you're done with hers?"

"Not now Bonnie Mae, Mary Sue's got some worms on her computer." he replied.

"Oh, you're so sweeeet," said Bonnie Mae. She knew that would get Stan by her desk to come visit. Whether or not there were worms on Mary Sue's computer or not, that was irrelevant. Bonnie Mae wanted his geekiness and wanted it bad. She'd do anything to get him to visit.

Stan though, being the practical man that he was, didn't really understand women. As far as he could tell, Mary Sue was using him once again and trying to lead him on. He pulled up to her desk and plopped down in her chair and took at look at her machine. "Blasted computer, I need to get around to upgrading this Windows 98 box to something more current," he mumbled under his breath, "that is, if budget's and accounting would give me the funding to do so."

Stan whipped out a USB thumb-drive and plugged it into Mary Sue's computer. He then pulled up the MS-DOS prompt and flashes his fingers in a fury, so fast that you coulda' swore he was stirrin' up a tornader of wind throughout the cube. Bonnie Mae at this point was facing him from her desk with her chin nestled between her two hands as her elbows rested on her desk.

About as fast as you could say go, Stan was done and he pulled out his drive and turned around, stood up and started to walk away. He noticed Bonnie Mae staring up at him and and he looked her in the eyes, "Ants," he said as he walked away. Bonnie Mae felt confused and saddened at the same time.

"Ho-hum," she thought to herself melancholically, "thar's always next time."

Stan lumbered down the hall, turned the corner and went down another back to the door of his office. As he rounded the door-frame he saw Mary Sue pluggin' away at his keyboard with 'corporate records' open. "That sly fox," he thought to himself.

"Shoo, Mary Sue!," he blurted out, "Git off my computer, I've told you time after time and I'll tell you again, if you want my help, you leave my stuff alone. I should report you for this," he rambled out. Mary Sue clearly was in the confidential files that only he, along with executive management, had access to...

... But that is where he stopped short. Perhaps he could use this to his advantage. Perhaps, he could receive some 'payment'. Mary Sue, shocked that she had been caught, put on her best Southern charm and acted all innocent about the mess she found herself in. "Oh Stan," her voice turned all sultry and charming-like, "we don't need to fret over this, how 'bout you come over and have dinner at my place tonight? hmm?," she blinked with a smile on her face.

"Yeah right, she's doing it again, but I'll get her this time," Stan thought to himself. "Sure thing, Mary Sue, I'll see you at seven."

"Thatta boy Stan," she happily replied as she patted him on the arm walking out of her office.

She walked right back down the hall from which Stan came and down to her cubicle and planted her tail squarely on the seat. She took a gander at the screen and pondered as to what he might have done. "Bonnie Mae," she said, "What did Stan do?"

Bonnie looked over, hating that Mary Sue so much because she always got the attention, said to Mary Sue, "I heard him say Ants."

"Ants?... what?" said Mary Sue. She fiddled with her keys and then felt an itchy feeling in her thigh. Her eyes began to water and her pulse began to quicken. "He wouldn't, he couldn't" she thought inside. "Ants in my computer!!!!!" Mary Sue shouted out loud as she jumped atop her desk. "Oh heavens that be there are Ants in my computer!" she roared.

As toolsmiths' are concerned, Mary Sue's parents weren't that skilled as one of them. Their shed was quite dull when it came down to it.

And that was that. At the other end of the office there was a now-empty office room, a room where Stan sat just a few minutes before--before there appeared a sign on the door. This wonderful sign, the one that was put up not like it was a chore, read in two easy to read words that made it quite clear. "Gone Fishin'"

And that was how Ants wound up 'down south on some Belle's computer.


RE: Uh oh...
By messyunkempt on 9/28/2009 5:49:41 PM , Rating: 3
Well theres a few minutes i'l never get back...


RE: Uh oh...
By KLO on 10/2/2009 8:34:28 PM , Rating: 2
Due to the fact he had gone fishing, they had to hire another tech when the issue at hand had nothing to do with a virus. Yes, the Ant technology was working and so far they didn't need him anymore for virus and worm attacks so they needed someone who would stick it out and not just take a vacation whenever they wanted to. So they hired a girl technician who was willing to stay. Not only did it prove fantastic for bring the number of tickets down because now the other silly ladys did make a request but she had a new technology under her belt...The "Preying Mantis" designed to eliminate Ants so all techs in the world can keep their jobs. Which not only made her a valuable and needed asset to the company but also secured the fishing techs job upon his return. He was on his was on the path to the short list to getting fired.

Upon his discovery of this fantastically mysterious and smart woman for a change he was floored. He tried to ask her out but she said no, and he tried to give her favoritism to no avail. He was not going to let on her hand dandy tool for fear of becoming vulnerable again.

The End


Insect emulation
By vailr on 9/28/2009 2:07:29 PM , Rating: 2
What we need is more insect-based emulations for computer programs.
"The Cicada Killing Wasp" anti-malware program
"The Praying Mantis" anti-trojan program
"The Angry Swarm of Hornets" anti-virus program
etc.




RE: Insect emulation
By AnnihilatorX on 9/28/2009 3:01:45 PM , Rating: 2
"The Spider Web" web-based spam filter


RE: Insect emulation
By KLO on 10/2/2009 8:36:37 PM , Rating: 2
Actually that is what we need less of! Less AV & Less control! Less of alot of things.


This is stupid...
By kroker on 9/28/2009 6:37:40 PM , Rating: 2
By the time the "ants" identify a threat, a virus/worm/trojan/whatever could have infected the system and extracted sensitive information, and may even have infected other computers in the network. What is needed is active protection to prevent infection in the first place, so that means AV software running on each computer.

On the other hand, centralized, coordinated AV systems across a network is not a bad ideea (and is probably already implemented - I don't know much about network security). But simulating ant behavior is taking it too far IMHO.




RE: This is stupid...
By Shadrack2 on 9/29/2009 9:51:16 AM , Rating: 2
quote:
What is needed is active protection to prevent infection in the first place, so that means AV software running on each computer.


I sort of agree, at least that's the sensible starting point. The real problem I see is that all these solutions are a "defense". What we really need are offensive techniques that can trace these threats back to their source and deal with them once and for all.


RE: This is stupid...
By KLO on 10/2/2009 8:39:53 PM , Rating: 2
The only way that is possible is if it can jump out of a tower/monitor and punch the jack ass creating the code in the face. Impossible.


SimAntec
By Mr Perfect on 9/28/2009 1:40:34 PM , Rating: 3
Give it a SimAnt UI, and antivirus administration could be fun!




RE: SimAntec
By KLO on 10/2/2009 8:41:41 PM , Rating: 2
Yeah, great idea, then we would no longer need techs because it would be so dumb user-friendly anyone could do it.


So...
By Mojo the Monkey on 9/28/2009 1:45:57 PM , Rating: 1
The solution is making a worm-like process (now "cutely" named an ant) to infect a whole bunch of computers to find other worms....?

This wont cost processing power? network bandwidth? If these ants pass so easily from one computer to the next, what is to stop the next coder from turning the ants malicious - just now exploiting their ability to access many comps through the back door?

I just dont see that is a practical solution.




RE: So...
By Narcofis on 9/28/2009 2:12:11 PM , Rating: 2
That's where the other ants comes in. If one goes rogue the other ones kills it. Anyway, that's in principle.


RE: So...
By KLO on 10/2/2009 8:43:11 PM , Rating: 2
But who kills the Sentinel?


Sentient
By AnnihilatorX on 9/28/2009 2:07:51 PM , Rating: 2
quote:
To prevent accidental spread of the ants, the ants require a "sentinel" utility program to be running on the computer to keep them alive.


What if the 'sentinel' turns sentient, rewrite and direct the ants to attack humanity?
Sounds good for a Hollywood flick!




RE: Sentient
By PhoenixKnight on 9/29/2009 1:59:38 PM , Rating: 2
The ants have detected a new threat: us.


Works both ways?
By HostileEffect on 9/29/2009 1:12:59 PM , Rating: 2
Can not a hacker make a virus and then use a similar swarm-like program to block anything from coming into the infected computer or system?




RE: Works both ways?
By KLO on 10/2/2009 8:46:11 PM , Rating: 2
yep.


For the Love of God
By GeorgeH on 9/28/2009 7:46:51 PM , Rating: 3
Dear Computer Researchers:

Can we ease up on the BS analogies already? Ooh, you're taking your inspiration from nature; how very deep of you. Next time, though, how's about you dream up something that doesn't make you sound like a pandering douche. Here's what your press release sounded like to me:

quote:
In the never-ending battle to protect computer networks from the forces of darkness, security experts are deploying a new defense modeled after one of nature’s hardiest creatures — Cyborg Ninja Space Tigers.

Unlike traditional security devices, which aren’t super-duper awesome, these “Warriors of the Unholy Jihad” smash through computer networks looking for threats, such as “Psycho Death Barbies”. When the Cyborg Ninja Space Tigers find one, it doesn’t take long for them to send it screaming into the abyss.

“In comics, we know that Cyborg Ninja Space Tigers are really cool,” explains Professor of Computer Science Errin Fulp, an expert in security and computer networks. “They can shoot lasers out of their tails, and then blast off back to their mother ship after an intruder has been drowned in their own blood and feces. We are trying to achieve that same framework in a computer system.”

In the study this summer, Fulp introduced a Psycho Death Barbie into the network, and the digital Cyborg Ninja Space Tigers successfully raped it. PNNL has extended the project this semester, and Featherstun and Williams plan to incorporate the spectacle into their nighttime fantasies.


Thank you for your attention in this important matter.




By mkruer on 9/28/2009 2:43:21 PM , Rating: 2
Now we know!




Preying Mantis
By KLO on 10/2/2009 8:21:39 PM , Rating: 2
I think because the Ants have to respond to a Sentinel or Soldier Ant that it is vulnerable to attack.

Much like when you leave out nutra-sweet for the ants to take back to their colony thinking its sugar and it inadvertently slowly and eventually kills off the entire colony.

If maybe something was built that resembled a preying mantis type of behaviour then you would not have the problem that you may have with the Ants.




I'm gonna "drop some logs"
By StraightPipe on 9/28/09, Rating: -1
"There's no chance that the iPhone is going to get any significant market share. No chance." -- Microsoft CEO Steve Ballmer

DailyTech Poll
Do you use copy/paste on your smartphone? 




15 Comments









botimage
Copyright 2010 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki