DHS Research: Cyber-Security Systems that Mimic Human Immune Response

DHS Research: Cyber-Security Systems that Mimic Human Immune Response
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

A new interesting approach to deal with increasing cybersecurity sophistication threats and botnets. The solution looks similar to a network of autonomous AI agents collaborating for the same goal. Automating responses to cyber threats will provide an incomparable reactivity to national systems but will definitely need to be thoroughly tested to avoid unexpected and uncontrolled behavior.

“The U.S. Department of Homeland Security’s Bruce McConnell recently released a white paper that describes a healthy ecosystem of computers that work together to fight cyberthreats. McConnell says the first step to developing the ecosystem is creating a computer system that can automatically recognize and react to threats. However, a major obstacle to such a system is developing computers that can authenticate interactions, says Science Applications International Corp.’s Ross Hartman. He says researchers currently are studying new models of nature-inspired defenses as a way to protect computers from new threats. Hartman says that McConnell’s paper, “Enabling Distributed Security in Cyberspace: Building a Healthy and Resilient Cyber Ecosystem with Automated Collective Action,” is a positive response to rising threats and will lead to new innovations from cybersecurity experts.”

Here’s an excrept of the DHS article:

“This discussion paper explores the idea of a healthy, resilient – and fundamentally more secure – cyber ecosystem of the future, in which cyber participants, including cyber devices, are able to work together in near‐real time to anticipate and prevent cyber attacks, limit the spread of attacks across participating devices, minimize the consequences of attacks, and recover to a trusted state. In this future cyber ecosystem, security capabilities are built into cyber devices in a way that allows preventive and defensive courses of action to be coordinated within and among communities of devices. Power is distributed among participants, and near‐real time coordination is enabled by combining the innate and interoperable capabilities of individual devices with trusted information exchanges and shared, configurable policies.

To illuminate such a cyber ecosystem in action, one might look at today’s practice known as “continuous monitoring,” in which system managers use a variety of software products to automatically detect and report known security vulnerabilities in network nodes. In some cases, system managers further configure their systems to automatically remediate detected security deficiencies. To offer an analogy, continuous monitoring is to a healthy cyber ecosystem as smoke detectors and sprinkler systems are to a “smart” building.

At the other end of sophistication in the orderly management of a complex system, we draw inspiration from the human body’s immune system. To paint a picture that mirrors the body’s ability to defend itself is complex. It might include layered defenses and countermeasures that work in tandem; specialized roles; powerful methods for rapidly identifying attackers; surge capabilities; and the ability to learn and rapidly adapt. A companion analogy may be made to the public health system and the Centers for Disease Control and Prevention (CDC). Here, cyber equivalent functions might include threat and incident watch, data dissemination, threat analysis, intervention recommendations, and coordination of preventive actions.

Automation is one of three interdependent building blocks of a healthy cyber ecosystem, along with interoperability and authentication. Automation can increase speed of action, optimize decision making, and ease adoption of new security solutions. A healthy cyber ecosystem might employ an automation strategy of fixed, local defenses supported by mobile and global defenses at multiple levels. Such a strategy could enable the cyber ecosystem to sustain itself.”

Source: ACM TechNews and The Department of Homeland Security
http://www.dhs.gov/files/publications/gc_1302028618408.shtm

Photo Credit: Internet / By procsilas FlickR