Modeling Security Software To Mimic Ant Behavior

← Back to Stories (view on slashdot.org)

Modeling Security Software To Mimic Ant Behavior

Posted by Roblimo on Wednesday June 1, 2011 @03:48AM from the maybe-more-like-white-blood-cells-than-ants dept.

wiredmikey writes "Researchers from universities and national laboratories in the United States are developing software that mimics ant behavior, as a new approach to network security." The concept has been around for a while, but this summer researchers are working to train the "digital ants" well enough that they can turn them loose into the power grid to seek out computer viruses trying to wreak havoc on the system.

7 of 68 comments (clear)

Min score:

Reason:

Sort:

There was an old power grid by bugs2squash · 2011-06-01 03:53 · Score: 3, Funny

That swallowed a fly...

--
Nullius in verba
Obligatory by Blackdognight · 2011-06-01 03:58 · Score: 3, Informative

"I, for one, welcome our new insect overlords." Sorry, but the perfect oportunity to use the original quote doesn't come up every day...
1. Re:Obligatory by NoNonAlphaCharsHere · 2011-06-01 04:07 · Score: 3, Funny
  
  It didn't today, either.
Why on earth would they "wander" by Zerth · 2011-06-01 04:00 · Score: 2

I'd like my security software to stay resident at all times, thank you very much.
And "swarming"? I suppose that is an effective response, sucking up CPU by making meaningless copies of itself will keep the virus from doing much. But I'd rather remove the malware.
Uh...WTF? by chill · 2011-06-01 04:02 · Score: 5, Interesting

"In nature, we know that ants defend against threats very successfully," Fulp said. "They can ramp up their defense rapidly, and then resume routine behavior quickly after an intruder has been stopped. We're trying to achieve that same framework in a computer system."
Yeah, that's what we need. One Symantec AV can't stop a virus it doesn't know about, so we need TEN SYMANTEC AVS on the job.
The problem in computer security is one of DISCERNING INTENT. Good code and bad code look the same. The call the same functions, perform mostly the same tasks.
Think of VNC or Windows Remote Help vs a backdoor trojan. Same basic thing, just different intent.
FTP, Dropbox or other file transfer vs a trojan that uploads your files. Intent again.
Ants don't do any better at recognizing bad guys than AV software does. Faced with an enemy that is TRYING to disguise itself, they are fooled or sidelined. http://www.securityweek.com/researchers-model-security-software-mimic-behavior-ants
On the bight side, I'll be they can squeeze a few research grants out of it.

--
Learning HOW to think is more important than learning WHAT to think.
1. Re:Uh...WTF? by chill · 2011-06-01 04:22 · Score: 2
  
  Yes, but that isn't a solution. That is just passing it on to the user to say "I see something, what is it?" Again, it defers determining intent to the user.
  In real world application, ZoneAlarm and Comodo are next to useless because clueless users just keep clicking "allow" to make it stop bothering them.
  God help them when "svchost.exe" pops up asking for permission.
  
  --
  Learning HOW to think is more important than learning WHAT to think.
Sounds like buggy code by gatkinso · 2011-06-01 04:21 · Score: 3, Funny

Hahahahawhawhaw.
Carry on.

--
I am very small, utmostly microscopic.