The “Evolution” of Security

The great mathematician Stanislaw Ulam once said that the question was not what mathematics can do for biology, but what biology can do for mathematics.
Reading an article about Digital Evolution[1], I become curious about up to what point the link between evolutive computer software and the field of computer security has progressed. It seems obvious to think in terms of biological concepts such as immune systems and mutating entities when you think about viruses, troyans and other current and future threats to security.
It looks like there is a wealth of research already conducted on such connection. A good starting point is the work of Prof. Forrest[2] from the University of New Mexico. There seems to be also some attempts at using genetic algorithms for intruder detection such as [3].
Without doubt this is a promising area. The traditional approach of trying to guess and hard code against external attackers is not going to work as the complexity of systems and applications grows, seemingly unbound.
I am planning to start doing more research about this, as this touches many fields in which I have worked in the past. Any insight or advice is going to be welcome and greatly appreciated!

[1] Harnessing Digital Evolution, P. McKinley, B. Cheng, C. Ofria, D. Knoester, B. Beckmann and H. Goldstein, Computer Jan 2008.

[2] Principles of a Computer Immune System A. Somayaji, S. Hofmeyr, & S. Forrest

[3] Using Genetic Algorithm for Network Intrusion Detection, W. Li

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: