Socially Engineered Intelligent Computer Anti Viruses and DDOS Defenses

Computer viruses have caused significant financial losses to organizations (CSI 2000). Even though most organizations have installed anti-virus software in their computers, a majority of them still experience infections (ICSA 2000). Most anti-virus software can not detect a new virus unless it is patched with a new virus definition file. New virus countermeasures have to be disseminated once a new virus is discovered. Studies of viruses demonstrate that the network topology and the site of the initial infection are critical in determining the impact of the virus (Kephart 1994; Wang 2000; Pastor-Satorras 2001). What is needed is a new approach to this problem. Such an approach may be made possible through the use of socially intelligent autonomous agents.

The Web and the router backbone can be thought of as an ecological system. In this system, viruses prey on the unsuspecting, and distributed denial of service attacks (DDOS) spread through the networks "eating" or "maiming" their prey. Viruses are, in a sense, a form of artificial life (Spafford 1994). One approach to these attacks is to propagate another "species" that can in turn attack these attackers or determine where to place defenses. Consider a computer anti-virus. Computer anti-viruses should spread fixes and safety nets, be able to "eat" the bad viruses and restore the machines and data to various computers, without, necessarily, the user's knowledge. Such anti-viruses would be more effective if they were intelligent and able to adapt as the viruses they were combating adapted. Such anti-viruses would be still more effective if they were socially intelligent and used knowledge about how people and organizations use computers and who talks to whom in order to assess which sites to infiltrate when. We can think of such anti-viruses as autonomous agents that are benign in intent and socially intelligent.

0 0

Post a comment