'Digital ants' seek viruses to protect computer networks

May 30, 2011

As the nation's electrical power grid becomes more interconnected through the Internet -- from the nuclear power plant in California to transmission lines in Texas to the microwave in your kitchen -- the chances of cyber attacks increase as well. Errin Fulp, a professor of computer science at Wake Forest University, is training an army of "digital ants" to turn loose into the power grid to seek out computer viruses trying to wreak havoc on the system.

If the approach proves successful in safeguarding the , it could have wide-ranging applications on protecting anything connected to SCADA (Supervisory Control and Data Acquisition) networks, computer systems that control everything from water and sewer management systems to mass transit systems to manufacturing systems.

Fulp is working this summer with scientists at Pacific Northwest National Laboratory (PNNL) in Richland, Wash., on the next steps in the digital ants technology, developed by PNNL and Wake Forest over the last several years. The approach is so promising that it was named one of the "ten technologies that have the power to change our lives," by Scientific American magazine last year.
The power grid is probably more vulnerable to than security experts would like to admit, said Fulp, an expert in security and computer networks. As the grid becomes more and more interconnected, it offers hackers more points to enter the system; for instance, inserting a virus or computer worm into a low security site, such as in your home's smart grid, to gain access to more secure systems up the line.

"When that network connects to a power source, which connects to the smart grid, you have a jumping off point" for , he said. "A can have a real physical result of shutting off power to a city or a ."
The digital ants technology could transform cyber security because it adapts rapidly to changing threats, said Fulp, who has received nearly $250,0000 in grants from PNNL/Battelle Memorial Institute for his ongoing research.

Unlike traditional security approaches, which are static, digital ants wander through computer networks looking for threats such as , self-replicating programs designed to steal information or facilitate unauthorized use of computers. When a digital ant detects a threat, it summons an army of ants to converge at that location, drawing the attention of human operators to investigate.

"The idea is to deploy thousands of different types of digital ants, each looking for evidence of a threat," Fulp said. "As they move about the network, they leave digital trails modeled after the scent trails ants in nature use to guide other ants. Each time a digital ant identifies some evidence, it is programmed to leave behind a stronger scent. Stronger scent trails attract more ants, producing the swarm that marks a potential computer infection."

The concept has proven successful in testing on a small scale, but will it still work when it's scaled up to protect something as large and complex as the nation's power grid? Fulp and two of his students -- computer science graduate students Michael Crouse and Jacob White -- are working this summer with scientists at PNNL and from the University of California at Davis to answer that question. But even using PNNL's vast computer platforms, they can only rely on computer simulations to predict the ants' "behavior" up to a point.

That's where Fulp’s colleague, Ken Berenhaut, an associate professor of mathematics at Wake Forest and an expert in mathematical modeling and simulation, comes in. Berenhaut, along with Wake Forest graduate student Ross Hilton, will use modeling to help determine what will happen as the ants move about the smart grid from the hot water heater in your house to the electrical substation to the power plant.

Among the questions to be answered: How do the ants migrate across different computer platforms and systems operating at different speeds? How many ants should you have patrolling a system? How long do they live? How do the ants scale up to identify a threat and then ramp back down?

"In nature, we know that defend against threats very successfully," Fulp said. "They can ramp up their defense rapidly, and then resume routine behavior quickly after an intruder has been stopped. We're trying to achieve that same framework in a computer system."

Explore further: Scientists apply new graph programming method for evolving exascale applications

Related Stories

Ant’s social network similar to Facebook

Apr 14, 2011

(PhysOrg.com) -- A recent study in the Journal of the Royal Society Interface presents findings that show that not all ants are as social as others. Similar to your friends on Facebook, some ants communicate with o ...

Fire ants reappearing in Orange County

Apr 24, 2006

Fire ants are reappearing in California's Orange County the result, say some critics, of the state ending its fire ant eradication funding in 2003.

Recommended for you

User comments : 6

Adjust slider to filter visible comments by rank

Display comments: newest first

dav_i
5 / 5 (3) May 30, 2011
"As the nation's electrical power grid..."
I always find it very unprofessional when news websites write articles in a non-international way. Not everybody who reads this website is in the USA, Physorg...
ab3a
3.7 / 5 (3) May 30, 2011
So, let's see: we name a defense mechanism that nobody can quite visualize with something that seems tantalizingly close to reality, and we get a grant of $250k to investigate the concept.

Can't we spend money on real stuff, like, uh, more secure Zigbee chips?
Mahal_Kita
not rated yet May 30, 2011
What Fulp forgot is that transmission grids will be more and more interconnected in the future, on an international scale. Several TSOs advocate this to enable for instance the integration of renewable energy systems. Can you see what will happen when Fulp's 'ants' let loose in the wild will migrate to Canada or South America? They will you know..
unknownorgin
1 / 5 (1) May 31, 2011
It wont take long to figer out that if the "ants" are attracted to one area the rest of the network is unprotected and too many ants in one area will overload the network also.
antialias
5 / 5 (1) May 31, 2011
...and who will stop someone from hacking the ants to converge on legitimate sites?
gwrede
1 / 5 (1) May 31, 2011
If I were a hacker, the first thing I'd do is autopsy one ant, and then make my own. And then my ants would eat up the others. And then I could ask for a ransom, or else.

What will I hear next??

More news stories

Hackathon team's GoogolPlex gives Siri extra powers

(Phys.org) —Four freshmen at the University of Pennsylvania have taken Apple's personal assistant Siri to behave as a graduate-level executive assistant which, when asked, is capable of adjusting the temperature ...

Venture investments jump to $9.5B in 1Q

Funding for U.S. startup companies soared 57 percent in the first quarter to a level not seen since 2001, as venture capitalists piled more money into an increasing number of deals, according to a report due out Friday.

Male monkey filmed caring for dying mate (w/ Video)

(Phys.org) —The incident was captured by Dr Bruna Bezerra and colleagues in the Atlantic Forest in the Northeast of Brazil.  Dr Bezerra is a Research Associate at the University of Bristol and a Professor ...

'Exotic' material is like a switch when super thin

(Phys.org) —Ever-shrinking electronic devices could get down to atomic dimensions with the help of transition metal oxides, a class of materials that seems to have it all: superconductivity, magnetoresistance ...