Sean Peisert

Research

Sensor Networks for GENI

The Hive Mind approach to intrusion detection provides event correlation over an infrastructure comprised of one or more administrative enclaves, each made of a collection of device level nodes. These represent the devices in the network being monitored. Swarming sensor agents modeled after biological elements such as ants, wasps, termites, crows, and/or immune systems. These roam from node to node, searching for security relevant activity, leaving markers to communicate with other wandering agents.

The Hive Mind interposes logic-based rational agents between humans and the swarm, providing a basis for communication, interaction, and shared initiative. The goal is to augment, not replace, more traditional security mechanisms. For example, the Hive Mind should be effective where computing power is highly limited, e.g., where host-based IDSs would be impossible or in highly distributed systems without well-defined monitoring points making network-based detection infeasible. The Hive Mind could then be used in parallel with traditional firewall and intrusion detection systems.

The result of this will enable GENI to support experiments where there is communication between internal nodes (sensors or routers).  In the context of networking, such experiments might be used to test if bandwidth usage can be improved through the communication of capacity and usage information between routers.  In the context of security, such experiments might be used to test the tradeoffs among different approaches to exchanging security information between sensors, and where that information might affect firewall rules or pro-active, forensic logging efforts.

The Hive Mind project page

More information on GENI's page

Researchers currently involved:

• Vinod Balachandran (UC Davis)
• Matt Bishop (UC Davis)
• Carrie Gates (CoPI; CA Labs)
• Jonathan Ganz (UC Davis)
• Vishak Muthukumar (UC Davis)
• Sean Peisert (PI; UC Davis and LBNL)
• Steven Templeton (UC Davis)
• Teng Wang (UC Davis)

Researchers previously involved:

• Mina Doroud (UC Davis)
• Deb Frincke (Previous CoPI; PNNL → DOD)

Current sponsor: National Science Foundation CISE/CNS and BBN/GENI Projects Office

Publications resulting from this project:

"Security Aspects of Cyber-Physical Device Safety in Assistive Environments"

Steven Templeton,

Proceedings of the 4th International Conference on Pervasive Technologies Related to Assisted Environments (PETRA),

Crete, Greece, May 25–27, 2011.

"Ant-Based Cyber Security"

Jerome N. Haack, Glenn A. Fink, Wendy M. Maiden, A. David McKinnon, Steven J. Templeton, and Errin W. Fulp,

Proceedings of the 8th International Conference on Information Technology: New Generations (ITNG),

Las Vegas, NV, April 11–13, 2011.

DETER Newsletter: "The Hive Mind Project -- Digital Ants for Intrusion Detection," Summer, 2011.

HPCwire: "GENI Project Receives $11.5M in NSF Funding," October 12, 2009.

The definitive versions of the papers posted on this page were first published in the venues indicated. In accordance with publisher copyright policies, these papers are pre-prints or post-prints, and are not the pubilsher's version.

Personal use of the material posted on this page is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the original publishers.

This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.