Enhanced information security through bioimicry?
Enhanced information security through bioimicry?
Life can be thought of as a biological problem solver. When looking for innovative answers to some of the toughest security questions many of the best solutions can be found through observation of biological systems. The obvious examples include ant colonies, bee hives, and termites, but we can also learn a lot from lesser known behaviors in nature such as the behavior of viruses, bacteria, mold, fish, and plants.
In the paper “Security—A Perpetual War: Lessons from Nature” Mazurczyk and Rzeszutko present a table which uses analogies from nature to compare offensive and defensive IT capabilities to the offensive and defensive capabilities seen in biological lifeforms. The features are mapped out, you have essence features of the defensive or offensive techniques, the IT example, and the example from nature. Phishing for example uses similar techniques as used by the anglerfish, worms use similar techniques as used by the bolas spider, botnets use similar techniques as is used by ophiocordyceps unilateralis which is a fungus.
These techniques are primarily offensive but defensive IT techniques also mirror biology. Honeypots for example use similar techniques as is used by the Lady’s slipper orchid.
If we map out the different attack and defense techniques onto biological organisms then we can understand how each attack and defense technique can evolve within the IT ecosystem. Understanding this evolvability can be very important and inform us on how to better design defensive techniques going into the future. The DDOS (distributed denial of service) technique currently utilized in attacks disrupts the resource management capabilities and availability of the defense but we must remember that DDOS is just an evolved form of DOS (denial of service).
The defensive techniques must also evolve along with the offensive techniques and in a way which is aware of how offensive techniques are likely to or are able to evolve from current technological trends.
It is possible that in the near future we will see malware, viruses, and worms, which make use of artificial intelligence along with biomimicry to become more effective. On the defense side it will be necessary to utilize artificial intelligence for anomaly detection. Detection capabilities currently are very insufficient as many attacks remain undetectable. Improved anomaly detection supported by enhanced machine intelligence may help improve the quality of intrusion detection systems and it is possible that machine intelligence will be cloud-based or even decentralized if we look at the current trends.
In biological systems the masked birch caterpillar provides an example of an intrusion detection system (Mazurczyk, Rzeszutko, 2015) which we can find inspiration from for improvements to design.
Unfortunately at the same time if we look at current trends the potential risk of certain kinds of attacks are increasing while the potential to defend against them appear to be decreasing. Ransomware is evolving, is now becoming decentralized, utilizing advances in cryptography and blockchain technology. Can nature inform us on how to defend against these evolving threats? The predators in the IT ecosystem are evolving faster than the prey, but perhaps the defense side could use inspiration from nature to contain evolving threats.
References
Guedes, R. N. C., Matheson, S. M., Frei, B., Smith, M. L., & Yack, J. E. (2012). Vibration detection and discrimination in the masked birch caterpillar (Drepana arcuata). Journal of Comparative Physiology A, 198(5), 325-335.
Mazurczyk, W., Drobniak, S., & Moore, S. (2015). Towards a Systematic View on Cybersecurity Ecology. arXiv preprint arXiv:1505.04207.
Mazurczyk, W., & Rzeszutko, E. (2015). Security--A Perpetual War: Lessons from Nature. IT Professional, 17(1), 16-22.