Cyber Defense via Genetics
Wednesday, February 15, 2012 @ 01:02 PM gHale
Cyber security threats continue to mount and if you look at budgets for next year, proposed increases in spending show there is a need to keep improving network defenses. The problem is security is a moving target.
In just one application inadequate security configurations are the cause of 80 percent of the United States Air Force’s network vulnerabilities.
There is now a program in development that uses automated computer configurations that adjust as quickly as the threats, said researchers at Wake Forest University.
A genetically inspired algorithm is in the works that proactively discovers more secure computer configurations by leveraging the concept of “survival of the fittest,” said Computer Science Associate Professor Errin Fulp and graduate student Michael Crouse. Early simulations show the increased diversity of each device’s configuration improves overall network safety, without putting undue stress on IT administrators.
“Typically, administrators configure hundreds and sometimes thousands of machines the same way, meaning a virus that infects one could affect any computer on the same network,” said Crouse. “If successful, automating the ability to ward off attacks could play a crucial role in protecting highly sensitive data within large organizations.”
The researchers’ goal is to improve defense mechanisms of similar computing infrastructures with minimal human interaction.
Cyber attacks usually take place in two phases, Fulp said. In the reconnaissance phase, a virus simply observes the landscape, identifies possible defense mechanisms and looks for the best way in. If nothing has changed since the reconnaissance phase upon return, the virus strikes. But security experts said even the slightest change in environment can make a huge difference in deterring potential attackers.
“If we can automatically change the landscape by adding the technological equivalent of security cameras or additional lighting, the resulting uncertainty will lower the risk of attack,” Fulp said.
Researchers are currently testing their work to transform cyber security. Planned assessment includes integrating the automated system into the computer science department’s annual “hackathon,” giving budding developers the opportunity to improve the system.