Engineers at the University of South Florida have developed a new type of cybersecurity software that mimics the human immune system.
It’s a concept that’s beginning to be explored more and more by researchers in a variety of fields: What does the human body do well and how can we adapt those mechanisms to improve technology or engineering systems?
Researchers in the USF Department of Electrical Engineering looked to the human immune system as a model for intrusion detection in wireless sensor networks. The concepts apply equally well to high-value financial or military mission critical networks that may or may not be wireless. The research was published in Procedia Computer Science and has demonstrated extremely promising results in testing.
“It’s very logical to develop these software systems based on human systems,” said Salvatore Morgera, PhD, a USF professor of electrical engineering and the project’s principal investigator. “Our immune system does a very good job at protecting us – so we wanted to take those mechanisms and adapt them for cybersecurity.”
In its simplest form, the human immune system protects the body from pathogens, like germs, viruses and other potentially harmful foreign bodies. If we become infected, our immune system is able to identify and attack the threat in an attempt to keep the body healthy. This idea is exactly what Morgera and his research team hoped to accomplish with their biologically-inspired software. When a network is at risk of being attacked, the software can identify and eliminate the threat. It’s essentially an immune system for a digital network.
To develop the software, Morgera, along with USF doctoral students Vishwa Alaparthy and Amar Amouri, broke the immune system down into three layers. The first layer is external protection; how our bodies prevent pathogens from getting inside. In their software, this layer of protection is encryption – a common cybersecurity tool used to keep unauthorized users out of networks. Most network security methods depend almost exclusively on encryption, and while modern encryption techniques are extremely sophisticated, they are not always successful at preventing intrusion.
To combat this risk, researchers looked to the bodies second layer of protection; non-specific resistance. This non-specific immune response acts as a “catch-all”, immediately responding to any foreign-body with a variety of non-specific immune cells. In their software, Morgera and his team developed a similar non-specific response that quickly recognizes any intrusion and quarantines the threat for further examination. Just like in the human body, this response acts as a first line of defense when threats enter the system.
The third layer that researchers looked at is the immune system’s specific resistance to pathogens. This subsystem of the overall immune system is composed of highly specialized cells that respond to specific pathogens. This response also builds immunological memory, leading to an enhanced response after the initial encounter. Just like in our bodies, the USF-developed software learns from each attack and maintains millions of intrusion-fighting templates it can sort through to fight individual threat attempts. As Morgera states, “The need to sort through millions of intrusion-fighting templates can be a computationally complex undertaking.” Another researcher, Patrick Lie Chin Cheong, and Morgera have developed a highly efficient ‘big data’ approach to the sorting that only takes fractions of a second and can be easily implemented on power-limited sensor networks using small microprocessors.
When used in combination, these three mechanisms not only work to keep our bodies healthy but have been shown to be extremely successful in maintaining secure, high value digital networks.
Morgera and his team originally began this research as a potential new tool to secure wireless sensor networks deployed by the military. They have worked in collaboration with U.S. Special Operations Command (SOCOM) to test the software and have seen very promising results. Now, researchers plan to continue to improve the software and make it available for a variety of applications. It’s work that may change the future of cybersecurity around the world.