I love it when people think creatively and start modeling things on other things that may or may not be obvious choices. Case in point, I just finished reading an article on Science Daily that details how a group of IT security professionals decided to model a new computer security approach on the ant.
It makes sense. There aren’t that many animals in nature more effective at dividing up labor and handling security. Don’t believe me? Step on an ant hill and don’t move your foot. When I was a kid my sister decided that would be a funny thing to get me to do, so I’m two years old shrieking “they’re biting my pee pee!” and running in circles. I love my sister.
The idea is basically more like a monitoring process. Little processes (ants) are released in the environment looking for certain telltale behaviors. When an ant finds something, it releases the digital equivalent of a scent message that attracts other ants. When enough ants agree that there is an issue, the attraction will be strong enough to draw more and more ants. Swarming will trigger a reaction that ultimately alerts the human operators to deal with the problem.
I like the concept here. It is close to an application we started writing a year ago (that got derailed) in terms of an autonomous early monitoring process. Obviously this is way more complicated, I’m not taking any undue credit here, but monitoring processes like this are quite fascinating to me. As the article states, the ever-changing nature of computer security threats requires a more flexible reaction.
This next part is pure speculation on my end, but I think it would be interesting to have a bunch of these ants with a handful of find-and-eradicate functions built into their long-term memory and room for additions in their short-term memory. The ants scour the network looking for their handful of issues, but when they encounter a scent trail, they store the matching find-and-eradicate function in short-term memory. They continue to monitor for other threats (to avoid simple misdirection) but are now able to deal with the current threat. This way they don’t need a huge memory footprint.
Of course, any time we automate we have to be careful about accidentally unleashing a horde of malware of our own. The behaviors the ants are looking for would need to be carefully thought out to avoid a real nightmare. Much like how chemotherapy attacks all fast growing cells, causing problems with hair and skin to list just a few, you wouldn’t want an ant running around with too-loose instructions and thus mistaking legitimate computer use for a threat.
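To make the scent-and-swarm idea and the false-positive worry concrete, here is a small simulation added to this post (it is not code from the article or the researchers). The host names, signal names, decay rate and thresholds are all constructed for illustration.

```python
import random

# Constructed sample environment: host -> telltale behaviours visible on it.
HOSTS = {
    "web-01": set(),
    "web-02": set(),
    "db-01": {"failed_logins"},  # legitimate but noisy: one weak signal
    "hr-07": {"failed_logins", "new_autorun", "odd_outbound"},  # several signals
    "build-03": set(),
    "mail-01": set(),
}
DETECTORS = ["failed_logins", "new_autorun", "odd_outbound"]  # one per ant type

def run_swarm(hosts, quorum=2, ants_per_detector=10, ticks=200,
              decay=0.9, live=0.5, seed=1):
    """Return the set of hosts escalated to a human operator."""
    rng = random.Random(seed)
    names = sorted(hosts)
    # scent[host][detector] = strength of the trail left by that ant type
    scent = {h: {d: 0.0 for d in DETECTORS} for h in names}
    ants = [d for d in DETECTORS for _ in range(ants_per_detector)]
    alerts = set()
    for _ in range(ticks):
        # Evaporation: stale trails fade, so old findings stop attracting ants.
        for h in names:
            for d in DETECTORS:
                scent[h][d] *= decay
        # Ants prefer strongly scented hosts, but every host keeps a base
        # weight of 1 so the swarm keeps patrolling and is not fully drawn away.
        weights = [1.0 + sum(scent[h].values()) for h in names]
        for detector in ants:
            here = rng.choices(names, weights=weights)[0]
            if detector in hosts[here]:
                scent[here][detector] += 1.0  # leave a scent message
        # Quorum: escalate only when enough *different* ant types agree.
        for h in names:
            agreeing = sum(1 for d in DETECTORS if scent[h][d] >= live)
            if agreeing >= quorum:
                alerts.add(h)
    return alerts

if __name__ == "__main__":
    print("quorum=2:", sorted(run_swarm(HOSTS)))
    print("quorum=1:", sorted(run_swarm(HOSTS, quorum=1)))
```

With a quorum of two, only the host showing several independent signals is escalated; dropping the quorum to one is the "too-loose instructions" case, and the merely noisy host gets flagged as well.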
It’s a cool idea, though. I wonder what we could come up with if we modelled on the human immune system…
Jim