News
Blogs
Shark Bait
Knowledge Centers
Opinion
Webcasts
Video
Podcasts
IT Careers
White Papers
Computerworld Reports
Zones
Case Study Library
RSS Feeds
Events
Industry
This Week in Print
Print Subscriptions


Ads by TechWords

See your link here


Douglas Schweitzer's picture
Douglas Schweitzer

The Security Sector

More posts | Read bio

September 28, 2009 - 5:31 P.M.

Now here’s an ant farm

3 comments

I stumbled upon an interesting piece at the Wake Forest University site.  In Eric Frazier’s piece, Ants vs. worms (you can read it here) he describes how new security programs are being designed to thwart computer security threats by taking a page out of mother nature’s book. These “digital ants” are made to seek out threats in computer networks and pretty soon after a threat is detected, the “ants” gather conspicuously enough to get the attention of their human supervisors. The assemblage is part of what is called “swarm intelligence” and to me their most intriguing aspect is that they’re adaptable as threats change. That’s where malware today is so successful – as it evolves (even ever so slightly) it’s able to keep a step ahead of known malware defenses.  

I expect that Glenn Fink’s (research scientist at Pacific Northwest National Laboratory) inspired notion of imitating the activities of ants an applying that behavior in a digital setting will prove invaluable in the cyber security realm.     

What People Are Saying

Add new comment

Malware writer's next logical step...

Submitted by Mike (too) on September 29, 2009 - 2:41 P.M.

Digital magnifying glass, in conjunction with Sun server...

Reply | Report this comment

The devil is in the details

Submitted by Mike Wood on September 29, 2009 - 11:51 A.M.

The swarming concept to focus analysis toward machines that are demonstrating higher levels of suspicious activity is indeed an interesting approach to speed up the detection of anomalous behavior.

The challenge will be defining what anomalous behavior actually is and at what thresholds to report it. As in their paper, the ant agents detect anomalies such as "an unusual rate of network connections, a large number of open files, strange file names in system directories, or unusually high processor utilization" -- heuristics which (a) normal software can exhibit and (b) malware can easily avoid.

Mike Wood
Threat Researcher
Sophos Inc.

Reply | Report this comment

check this out.....security

Submitted by Anonymous on September 28, 2009 - 7:00 P.M.

Check this out

Reply | Report this comment

Related Posts

Stop making it so easy to be attacked online
Security pro: Facebook is the new Big Brother and the "bad guys'" best friend
Wanna C Somthin' HOT!?? Click Da' Button, Baby!
Facebook and Zynga class-action over Farmville, Mafia Wars, etc.

Editor's Picks

Attacks likely against Windows, PowerPoint, researchers say

Google Buzz takes the fight to Facebook, Twitter

Judge dismisses Windows anti-piracy software lawsuit

Microsoft e-health research taps Xbox, mobile phones

Review: 3 encryption apps keep your data safe

Startup opens offshoring alternative in distressed Michigan

About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDC IDG IDG Connect IDG Knowledge Hub IDG TechNetwork IDG Ventures
IDG.net InfoWorld ITwhitepapers ITworld JavaWorld LinuxWorld Macworld Network World PC World The Industry Standard
Copyright © 1994 - 2010 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of
Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.