Sean PeisertACM Distinguished Member |
||
|
Upcoming activities:
IEEE Security & Privacy (ongoing)
NSA SoS Best Paper Competition (annually, deadlines in April) IEEE Cybersecurity Award for Practice (annually, deadlines in July) IEEE S&P (Oakland) 2024 (May 20–23, 2024) CSET 2024 (Aug. 2024) NSF Cybersecurity Summit (Oct. 7–10 2024)
|
Research
The Hive Mind project at UC DavisThe Hive Mind project was originally funded to define and prototype a security layer underlying GENI that would allow providers of the system to collaboratively defend against attacks and misuse of GENI resources. To do this, it explored an innovative method of intrusion detection based on mobile agents and swarm intelligence. The project's goal, both for GENI as well as more generally, is to provide a lightweight, decentralized, intrusion detection method that is adaptable to changing threats while communicating suspicious activity across hierarchical layers to humans who can respond when needed.The Hive Mind approach to intrusion detection provides event correlation over an infrastructure comprised of one or more administrative enclaves, each made of a collection of device level nodes. These represent the devices in the network being monitored. Swarming sensor agents modeled after biological elements such as ants, wasps, termites, crows, and/or immune systems. These roam from node to node, searching for security relevant activity, leaving markers to communicate with other wandering agents. The Hive Mind interposes logic-based rational agents between humans and the swarm, providing a basis for communication, interaction, and shared initiative. The goal is to augment, not replace, more traditional security mechanisms. For example, the Hive Mind should be effective where computing power is highly limited, e.g., where host-based IDSs would be impossible or in highly distributed systems without well-defined monitoring points making network-based detection infeasible. The Hive Mind could then be used in parallel with traditional firewall and intrusion detection systems. The result of this enables environments to employ monitoring with minimal interference to the external environment.
Prototypes of the Hive Mind are implemented, available for download on GitHub, and have been tested on the ProtoGENI and DETER testbeds. More Hive Mind information the GENI Wiki Researchers involved:
Past sponsor: National Science Foundation CISE/CNS and BBN/GENI Projects Office Publications resulting from this project:
DETER Newsletter: "The Hive Mind Project -- Digital Ants for Intrusion Detection," Summer, 2011. HPCwire: "GENI Project Receives $11.5M in NSF Funding," October 12, 2009.
The definitive versions of the papers posted on this page were first published in the venues indicated. In accordance with publisher copyright policies, these papers are pre-prints or post-prints, and are not the pubilsher's version. Personal use of the material posted on this page is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the original publishers. This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
Last modified: Friday, 07-Aug-2015 13:44:43 PDT |