Emergence in Computer security

A staggering number of PCs have been compromised with malware and are used for everything from spreading spam, viruses, phishing etc. – in fact every kind of malicious activity imaginable. While many users are at least nominally aware of the dangers and have some protection installed, such tools offer superficial protection at best, especially against the more serious infestations. This is often counterproductive since it lulls users into a false sense of security.
Caveat: we are not suggesting uninstalling your current protection tools.

At the core of this, lies the fact that most security software is very reactive i.e. as soon as a new threat is detected, antivirus develop an update against it. By the time the update actually is installed on a user computer – assuming the protection actually works – is often too late. The current deluge of malware calls for a paradigm shift in moving to a proactive, predictive approach.

At Cognika, we are exploring the possibility of applying the concept of emergence to computer security. Artificial Immune Systems (AIS) have been researched for a few decades however such approaches remain researchy. The concept of AIS borrows from the idea of biological immune systems, which constantly evolve to cope with newer and emerging threats.

Biological immune systems are remarkably effective against the countless pathogens that organisms are exposed to during a lifetime. Millennia of evolution have made biological immune systems remarkably effective. Our idea is to adopt some of those ideas to develop an internet immune system akin to bio immune systems. Such research would be at the intersection of evolutionary computing, machine learning, computer security and other fields.

Here are some thoughts along these lines:

• An evolutionary, adaptive system could be developed to cope with the current onslaught of malware: an immune system that is constantly mutating (much like its adversaries) and adapting to newer threats.
• Cohorts of machines form trust networks (Immunets) to warn each other of imminent threats and share mechanisms to thwart their attack. The Immunets could be layered around existing social networks or organizational networks.
• The Immunets employ a combination of evolutionary algorithms and machine learning to develop effective defenses, which do not require manual updates and examination.
• Such systems could be augmented by current security-ware, much as biological immune systems are augmented by medications and treatments.

We have developed some prototypes and have some exciting early findings. We would love to hear more from academics, researchers, businesses interested in collaboration.