Genetics Inspired Research Prevents Cyber Attacks

WINSTON-SALEM, N.C., Feb. 16, 2012 /PRNewswire-USNewswire/ -- Cyber security is an ever changing and growing concern. Nearly twice as much cyber security funding proposed in the 2013 budget underscores the need for improved computer network defenses. Inadequate security configurations are blamed for 80 percent of the United States Air Force network vulnerabilities.

Now Wake Forest University researchers are fighting the continual evolution of viruses, worms and malware with evolution by developing the first-ever automated computer configurations that adjust as quickly as the threats.

Computer Science Associate Professor Errin Fulp and graduate student Michael Crouse are refining a genetically inspired algorithm that proactively discovers more secure computer configurations by leveraging the concept of "survival of the fittest." Early simulations have shown the increased diversity of each device's configuration improves overall network safety, without putting undue stress on IT administrators.

"Typically, administrators configure hundreds and sometimes thousands of machines the same way, meaning a virus that infects one could affect any computer on the same network," says Crouse, who recently was named one of the "nation's top new inventors" by Inventor's Digest magazine. "If successful, automating the ability to ward off attacks could play a crucial role in protecting highly sensitive data within large organizations."

Funded by a grant from Pacific Northwest National Laboratory (PNNL), the researchers aim to improve defense mechanisms of similar computing infrastructures with minimal human interaction.

Cyber attacks usually take place in two phases, says Fulp. In the reconnaissance phase, a virus simply observes the landscape, identifies possible defense mechanisms and looks for the best way in. If nothing has changed since the reconnaissance phase upon return, the virus strikes. But security experts say even the slightest change in environment can make a huge difference in deterring potential attackers.

"If we can automatically change the landscape by adding the technological equivalent of security cameras or additional lighting, the resulting uncertainty will lower the risk of attack," explains Fulp.

Researchers are currently testing their work to transform cyber security. Planned assessment includes integrating the automated system into the computer science department's annual "hackathon," giving budding developers the opportunity to improve the system.

Though no one has successfully modeled this complex process before, this is not the first time Fulp and Crouse have turned to nature to guide their research. Read more about their bio-inspired projects to improve cyber security at http://go.wfu.edu/bioinspiration.