researchers found inspiration in the common ant.
Describes Wake Forest University Professor of Computer Science Errin
Fulp, "In nature, we know that ants defend against threats very
successfully. They can ramp up their defense rapidly, and then
resume routine behavior quickly after an intruder has been stopped.
We were trying to achieve that same framework in a computer
WFU created digital "ants" --
utilities that migrate from computer to computer over networks
searching for threats. When one locates a threat, others
congregate on it, using so-called "swarm intelligence".
The approach allows human researchers to quickly identify and
quarantine dangerous files by watching the activity of the ants.
research could open up a new era of antivirus. Typically,
antivirus programs are large and require a lot of resources.
Slimmer programs, like Microsoft's upcoming antivirus
freeware, are in the works, but resource consumption remains a
The WFU approach is decidedly different as
instead of having a monolithic AV program running on every network
computer, the plan is to have 3,000 types of ants, each capable of
detecting a specific malware signature. The ants drop logs akin
to real world ants' scent trails. "Stronger" log
scents indicate a detected threat and clue ants (of any type) to
swarm on the infected machine.
To prevent accidental spread of
the ants, the ants require a "sentinel" utility program to
be running on the computer to keep them alive. Another
"sergeant" program allows administrators to monitor the
colony, tweak levels of certain ants, and perform other monitoring
and maintenance functions.
The system has successfully
detected a worm introduced by researchers onto a computer network.
Glenn Fink, a research scientist at Pacific Northwest National
Laboratory (PNNL) who coauthored the study and first dreamed up the
idea of emulating ants and Professor Fulp are both using the results
in their master theses. Additionally, a larger trial of the
system is currently in process.
The researchers say that the
approach shows the greatest promise for large homogenous networks
(with similar hardware and software on each workstation) such as
governments, large corporations and universities.
quote: by Omega215D on September 28, 2009 at 1:00 PMI wouldn't doubt hackers are already working on a program called "Magnifying Glass" or something like it.
quote: What is needed is active protection to prevent infection in the first place, so that means AV software running on each computer.
quote: To prevent accidental spread of the ants, the ants require a "sentinel" utility program to be running on the computer to keep them alive.
quote: In the never-ending battle to protect computer networks from the forces of darkness, security experts are deploying a new defense modeled after one of nature’s hardiest creatures — Cyborg Ninja Space Tigers.Unlike traditional security devices, which aren’t super-duper awesome, these “Warriors of the Unholy Jihad” smash through computer networks looking for threats, such as “Psycho Death Barbies”. When the Cyborg Ninja Space Tigers find one, it doesn’t take long for them to send it screaming into the abyss. “In comics, we know that Cyborg Ninja Space Tigers are really cool,” explains Professor of Computer Science Errin Fulp, an expert in security and computer networks. “They can shoot lasers out of their tails, and then blast off back to their mother ship after an intruder has been drowned in their own blood and feces. We are trying to achieve that same framework in a computer system.”In the study this summer, Fulp introduced a Psycho Death Barbie into the network, and the digital Cyborg Ninja Space Tigers successfully raped it. PNNL has extended the project this semester, and Featherstun and Williams plan to incorporate the spectacle into their nighttime fantasies.