Modeling Security Software To Mimic Ant Behavior 68
wiredmikey writes "Researchers from universities and national laboratories in the United States are developing software that mimics ant behavior, as a new approach to network security."
The concept has been around for a while, but this summer researchers are working to train the "digital ants" well enough that they can turn them loose into the power grid to seek out computer viruses trying to wreak havoc on the system.
Uh...WTF? (Score:5, Interesting)
"In nature, we know that ants defend against threats very successfully," Fulp said. "They can ramp up their defense rapidly, and then resume routine behavior quickly after an intruder has been stopped. We're trying to achieve that same framework in a computer system."
Yeah, that's what we need. One Symantec AV can't stop a virus it doesn't know about, so we need TEN SYMANTEC AVS on the job.
The problem in computer security is one of DISCERNING INTENT. Good code and bad code look the same. The call the same functions, perform mostly the same tasks.
Think of VNC or Windows Remote Help vs a backdoor trojan. Same basic thing, just different intent.
FTP, Dropbox or other file transfer vs a trojan that uploads your files. Intent again.
Ants don't do any better at recognizing bad guys than AV software does. Faced with an enemy that is TRYING to disguise itself, they are fooled or sidelined. http://www.securityweek.com/researchers-model-security-software-mimic-behavior-ants [securityweek.com]
On the bight side, I'll be they can squeeze a few research grants out of it.