Researchers have developed “digital” ants to defend networks from worms and other malware. According to DarkReading scientists from Wake Forest University and the Department of Energy’s Pacific Northwest National Laboratory in Washington state have worked together on the project that mimics the defensive behavior of ants. The researchers developed thousands of different types of digital ants that move through a computer network and search for evidence of a malicious threat.
When a digital and detects a threat it leaves behind a “scent” or marker to attract other ants, like real ants. Other ants then follow the trail to swarm a potential infection with “swarm intelligence.“ TechRepublic explains that digital Swarm Intelligence consists of three components:
- Digital ant: Software designed to crawl through computer code, looking for evidence of malware. There will be 3000 different types of Digital Ants employed.
- Sentinel is the autonomic manager of digital ants congregated on an individual computer. It receives information from the ants, determines the state of the localhost, and if any further action is required. It also reports to the Sergeant.
- Sergeant is an autonomic manager of multiple sentinels and is the interface with human supervisors. The size of the network determines the number of Sergeants required.
Like their biological counterparts, each individual ant is not very bright. “We are using the ants to sense something very basic, like a connection rate,” said Errin Fulp, a professor of computer science at Wake Forest. There are about 60 technical details the digital ants can detect and leave a tiny digital trail that says something unusual is going on here, and that other ants should check it out .”Then we collect that evidence which points us to a particular infection or security threat,” said Mr. Fulp.
The swarm intelligence approach to finding specific threats is intended to provide better and quicker detection of threats than current anti-malware software can perform. The researchers developed software capable of running multiple security scans contiguously, with each scan targeting a different threat according to the article. It’s also better able to handle morphed versions of malware, according to the research.
“In nature, we know that ants defend against threats very successfully,” Mr. Fulp, says in DarkReading. “They can ramp up their defense rapidly, and then resume routine behavior quickly after an intruder has been stopped. We were trying to achieve that same framework in a computer system.”
In a test of the technology, the digital ants were able to discover a real computer worm planted by Wake Forest on a network of 64 computers in the lab.
“Our idea is to deploy 3,000 different types of digital ants, each looking for evidence of a threat,” Fulp says. “As they move about the network, they leave digital trails modeled after the scent trails ants in nature use to guide other ants. Each time a digital ant identifies some evidence, it is programmed to leave behind a stronger scent. Stronger scent trails attract more ants, producing the swarm that marks a potential computer infection.”
The researchers say the digital ant method works best for big networks with a large number of identical machines. And digital ants can’t take over your machine, either: they have to report back to the humans who control their “colony.”
rb-
Soooo, computers are going to go from having a bad case of worms to having a case of ants in their pants? Will the ants fall victim to Ant eater malware?
The research seems like a remake of the “good viruses” or “anti-virus viruses” idea that people outside the anti-virus industry mainstream bring out from time to time.
If this idea is commercially viable, they have some obvious advantages, compared to static anti-virus programs:
Digital ants do not consume large amounts of computer resources,
Digital ants do not need lengthy, process-hogging scans.
There’s no need to constantly update digital ants because they adapt to malicious code variants
What do you think?
Are the mainstream anti-malware firms creative enough?
Will digital ants work?
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.