Wednesday, 25 February 2009

Borg-like cybots may patrol government networks


The Oak Ridge National Laboratory has created software that uses colonies of borg-like cyberrobots it says will help government agencies detect and fend off attacks on the nation's computer network infrastructure.

The Ubiquitous Network Transient Autonomous Mission Entities (Untame) differs from traditional security software agents in that its cybot "entities" form collectives that are mutually aware of the condition and activities of other bots in their colony (PDF).

When these cybots detect network intruders, they communicate with one another, preventing cybercrooks from creating and using a diversion in one spot within the network to then break through in another.

"The cybots are an inherent part of Untame's software, designed to do cybersecurity," Joe Trien, a team leader from the lab's Computational Sciences and Engineering Division, said in an interview with the Daily Beacon. "Most enterprises have intrusion detection centers set up in key spots, but they don't communicate with each other. But a cybot is intended to work with other cybots, continue their mission, or regenerate when necessary so they can pick up where one left off" (PDF).

The U.S. Department of Energy commissioned the software, in response to criticism from Congress (PDF) over security lapses. It hopes for an "intelligent, self-healing, intrusion detection and prevention system" capable of real-time response and defense, one that can learn to avoid false positives and relieve human operators from sloughing through low-level alerts.

The concept of mobile, autonomous software is not one that commercial software developers have embraced, said Lawrence MacIntyre, who is also working on the project. "When you tell people you've got this software that roams, the first thing they think of is a worm," he said.

Trien says Untame is more analogous to the Borg from "Star Trek," only benign. Plus, it would be bound by mission directives to monitor and protect its assigned cyberinfrastructure--not assimilate humanity.

No comments:

Post a Comment