Using biomimicry to fight computer viruses via “immunity software”
Rhett A. Butler, mongabay.com
December 6, 2005
Biomimicry is being used to fight computer viruses.
The Electrical and Computer Engineering Department at the University of Arizona (UA) received $1 million to fund research and development of security software that mimics biological immune systems.
The software will screen a computer network for abnormalities, isolating infectious computer viruses, worms and other attack agents while developing software “antibodies” to fight them. UA received the grant from the Army Research Office.
Meanwhile research presented in this month’s Nature Physics suggests that computer viruses fought by “immunity software” that spreads faster than the virus itself. Computer engineers from Israel propose setting up a network of shortcuts through the Internet that only antiviral programs can use, allowing them to immunize computers before a virus arrives. Lead author Eran Shir of Tel Aviv University told Nature.com, “You need to build extra links into the network that only the immune agent can use. They’re like wormholes through cyberspace.”
Below is an October news release from the University of Arizona detailing the grant to fund biomimetic security software.
UA ECE Gets $1 Million to Fight Cyberspies With Bio-Mimicking Software
By Ed Stiles
University of Arizona news release
October 28, 2005
UA’s Electrical and Computer Engineering Department (ECE) has received $1 million to fund research and development of security software for military computer networks.
The software will mimic biological immune systems by screening a computer network for abnormalities; isolating the infectious computer viruses, worms and other attack agents; and developing software “antibodies” to fight them.
Professors Jerzy W. Rozenblit and Salim Hariri received the grant from the Army Research Office to collaborate on the project with Arizona’s Ft. Huachuca Network Command Center.
The research is vital to national security because military and other government computers are under constant attack from both freelance hackers and those working for foreign governments. An August 29 story in “Time” magazine, for instance, details how Chinese cyberspies are stealing secret information about the U.S. nuclear arsenal and other military secrets.
“Not only are secrets being lost, but the cost of fending off these attacks and then repairing the problems they cause runs into billions of dollars,” Rozenblit said. “And it’s not just an issue with defense networks. Financial centers, the health sector and even the educational sector face similar problems.”
Rozenblit and Hariri will be working with Ft. Huachuca through the Center for Intrusion Protection at the Army Research Laboratory in Aberdeen, Maryland.
Testing Systems for Vulnerability
The researchers will model the types of attacks the Army encounters and design vulnerability analysis software. The software will identify if an anomaly in the computer network is caused by a hardware breakdown, a software problem or because an attack has occurred.
Related articles
Nature’s engineering shows butterfly innovation (November 18, 2005) Biomimetics, technology that mimics nature (11-July-2005) Biomimicry Employed by MIT Nanotechnology Researchers (September 21, 2005) The ocean is a perilous environment for a soft-bodied creature like a sea snail, so nature gives it an advanced nanostructured armor system that is stiff and strong yet lightweight. It’s called a shell. Understanding the fundamental design principles of natural armor systems like shells may help engineers design improved body armor systems for humans in perilous situations, like soldiers and police officers. At MIT’s Institute for Soldier Nanotechnologies, researchers are studying the structure and mechanics of the tough inner layer of mollusc shells, called “nacre” or mother-of-pearl, at extremely small, nanometer-length scales (a nanometer is a billionth of a meter). Design of new Mercedes-Benz bionic car inspired by fish body shape (10-July-2005) DaimlerChrysler is using a new concept vehicle to examine the great potential of bionics for automobile development, and has achieved outstanding results for fuel consumption and emissions with a combination of pioneering diesel engine technology and innovative emission control methods. The Mercedes-Benz bionic car study will have its world premiere at this year’s DaimlerChrysler Innovation Symposium in Washington. Nature Provides Intelligent Design Template for Human Problems (November 1, 2005) |
“Once the anomaly has occurred, the question is how to isolate it and how to take protective steps that will fend off this anomaly on systems farther down the network,” Hariri said. “This will require a very rapid response.”.
The current project is an expansion of the work Hariri has been conducting on self-detecting, self-healing computer-protection software in ECE’s High Performance Distributed Computing Laboratory.
He says this new approach — mimicking biological systems — is necessary because conventional methods used to protect computers from attack have failed. “The vulnerability of computer systems to malicious attacks, as well as the number of attacks, is threatening national security, business, industry and educational institutions,” he said.
Every enterprise that depends on computers is at risk and current attempts to protect computer systems have failed repeatedly, Hariri added.
The researchers will use the $1 million to fund phase one of the research, which is to establish the basic modeling techniques and tools. Phase two will involve implementing those techniques.
“Ultimately, we would like to build a network test bed that would link us with the networking infrastructure down at Ft. Huachuca so that we can simulate attacks and their consequences, as well as test our theories on real systems in real time,” Rozenblit said. “The Center for Intrusion Protection would supply the data they collect on attacks so we would be able to try our ‘what-if’ scenarios on real examples and do a forensic-style analysis to see how closely our models predict actual situations.”
Although some data can be protected with sophisticated encryption programs, Rozenblit noted that cyperspy problems go beyond data security.
Malicious Attacks are Costly
“Many of these malicious attacks not only compromise data, they compromise the entire infrastructure,” Rozenblit said. “They can cause major shutdowns or anomalous behaviors that are extremely costly to recover. In some of them you lose data, in others you may lose lives. In addition, some of these intrusions get into systems and lie dormant until they hit you when you least expect it or when the consequences will be the worst.”
No computer system can be totally invulnerable to attack and those involved in computer security recognize that there will be some degree of penetration, Rozenblit explained. “The question is how to mitigate and minimize the consequences of that penetration.”
Rozenblit has been working on modeling and simulation software for military decision-making at Ft. Huachuca since 1992. This new research project on computer security evolved from that close association. Loss of data in daily operations and the cost of manpower and equipment that has been compromised finally led the Army to seek ways to test the vulnerability of their systems to assess threats and to determine how well those threats can be intercepted.
“The Army funded this project because they know that UA’s ECE department has traditionally been very strong in the networking area,” Rozenblit said. “They also know that we’re very strong in modeling and that we have a good understanding of defense needs due to the projects they have funded here for quite a few years.”
This story includes a modified news release from the University of Arizona. The original appears at UA ECE Gets $1 Million to Fight Cyberspies With Bio-Mimicking Software