Use Human Immune System based approach to tackle Security threats

Author: Siddharatha Joshi, Tech Mahindra Ltd

Current challenges

Security threats have been present since the day man started walking on this planet. With evolution, the avenues of threat and the methods deployed to breach security have kept changing. In the olden days, a security breach could happen only through physical structures and was aimed at stealing physically valuable items. In the digital age, the security breach is aimed at breaking into the digital world. In this world, the most valuable item is information. The information could be the bank account details of individuals, the new product launch details of a competitor, or Government policies. Ironically, the value of information is many times higher than that of physical assets. Also, in the physical world the threat is often from locals, whereas in the digital age the threat is from the entire planet. Hence, in the digital world the horizon of threat is much wider and the impact of a security breach is much deeper.

Novel problems need novel approaches, and hence I propose to learn a few techniques from nature to fight the threat of security breaches.

Learning from Nature

As human beings, we are very vulnerable to diseases. The diseases of interest for this paper are infectious diseases. Infectious diseases spread from

1. Person to person
2. Animals to person
3. Person to animals

There is a fixed pattern and flow in which an infectious disease spreads and becomes an epidemic. It follows a chain-reaction approach. Disease-causing agents such as viruses, bacteria and fungi attack everybody but make the person with a vulnerable immune system their breeding ground. The infected person now becomes their agent and spreads the disease further to the people with whom he comes into contact.

Relation between disease and Security threat

Isn't it the same way in which security breaches happen?
Hackers attack every organization that potentially holds valuable information, but it is the most vulnerable organization that becomes their victim.

Understanding Nature's Solution

Our body has devised a myriad of techniques, in the form of the immune system, to fight these infectious diseases. This is precisely why the human race is still flourishing on this planet despite numerous outbreaks of disease. When the body gets infected by a disease, the immune system attacks the disease-causing agent in the following steps:

1. Mobilize force to the infected organ.
2. Prevent further progress of infection by sticking to the fungi/virus of the disease.
3. Swallow up the invader.
4. Release chemicals to kill the swallowed invader.
5. Clean up the debris from the body.
6. Rebuild if needed.
7. Learn and augment immunity so that next time, the body doesn't get infected. This is called Acquired Immunity.

Infants and children have very little acquired immunity and so are susceptible to infections. Their acquired immunity is augmented with the help of an external, forced infection administered in a controlled manner. We know it as vaccination.

We can make use of this science of diseases to prevent security threats.

How

The following should be the approach to prevent security threats.

Identify the weak link: The first step in building the security system is to find the weakest link in the chain of networks and applications. Instead of following the conventional approach in which stakeholders set the priorities, we should run a mock security attack drill without alerting the stakeholders. This is analogous to the vaccination approach. During the attack, the pattern and flow of the security breach from one system to another is noted. This flow represents the weakest link in the security design.

The job at hand then is to fix the weakest link first and then secure the entire system. To fix the weakest link, we follow the technique used by our immune system to kill infection.
The following table illustrates the correlation:

| Step | Our Immune System | The Security System |
|------|-------------------|---------------------|
| 1 | Mobilize force to the infected organ | Focus all efforts on the entry point of the attack. |
| 2 | Prevent further progress of infection by sticking to the fungi/virus of the disease | Close the security loopholes. |
| 3 | Swallow up the invader | On the basis of the RCA done in step 2, use predictive analysis to identify other systems that have the same vulnerability. |
| 4 | Release chemicals to kill the swallowed invader | Fix the security loopholes in all the systems identified in step 3. |
| 5 | Clean up the system of debris | Redesign the network, applications and integration of applications if needed. |
| 6 | Rebuild if needed | Rebuild and redeploy the systems. |
| 7 | Learn and augment immunity so that next time, the body doesn't get infected. This is called Acquired Immunity. | The loopholes identified are put in the quality checklist for audit so that they do not reappear. |

Conclusion

There is a lot of emphasis on learning from nature. There are dedicated institutes, like the Biomimicry Institute, that are completely focussed on understanding the techniques of nature. The idea of implementing a human immune system type of security prevention system is currently being researched in multiple universities and organizations. The References section has links to 2 such research projects.

The immune system has been successful for millions of years in protecting the human race from numerous outbreaks of deadly diseases. Hence a security system based on this learning should be robust enough to fight security threats.

References

1. Immune System Approaches to Intrusion Detection - A Review (ICARIS)
2. A Novel approach for Intrusion Detection
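Added example (not part of the original paper): steps 1, 3 and 7 of the Security System column in the table above, sketched in Python. The hop records, inventory, weakness tags and function names are all constructed for illustration, and a plain inventory match stands in for the paper's "predictive analysis".

```python
from collections import defaultdict

# Constructed drill record: (source, target, weakness that allowed the hop).
DRILL_HOPS = [
    ("app-01", "db-01", "unpatched-db"),
    ("internet", "web-01", "default-password"),
    ("web-01", "app-01", "shared-account"),
]
# Constructed inventory: system -> weakness tags from a configuration review.
INVENTORY = {
    "web-01": {"default-password"}, "web-02": {"default-password"},
    "app-01": {"shared-account"}, "app-02": set(),
    "db-01": {"unpatched-db"}, "hr-01": {"shared-account", "unpatched-db"},
}

def breach_flow(hops):
    """Order unordered hop records into the path the drill took (step 1)."""
    nxt = {src: (dst, weak) for src, dst, weak in hops}
    targets = {dst for _, dst, _ in hops}
    starts = [src for src in nxt if src not in targets]
    if len(starts) != 1:
        raise ValueError("drill record has no single entry point")
    path, node = [], starts[0]
    while node in nxt and len(path) < len(hops):  # bounded, cannot hang
        dst, weak = nxt[node]
        path.append((node, dst, weak))
        node = dst
    if len(path) != len(hops):
        raise ValueError("drill record is not one connected chain")
    return path

def same_vulnerability(path, inventory):
    """Step 3: systems the drill never touched that carry a weakness it used."""
    touched = {dst for _, dst, _ in path}
    exposed = defaultdict(set)
    for _, _, weak in path:
        for system, tags in inventory.items():
            if weak in tags and system not in touched:
                exposed[weak].add(system)
    return dict(exposed)

def audit(checklist, release_tags):
    """Step 7: list the recorded weaknesses a new release would reintroduce."""
    return sorted(checklist & release_tags)

if __name__ == "__main__":
    flow = breach_flow(DRILL_HOPS)
    print("entry point:", flow[0][1], "| also exposed:", same_vulnerability(flow, INVENTORY))
    print("audit:", audit({w for _, _, w in flow}, {"shared-account"}))
```

The first system in the ordered flow is where step 1 concentrates effort; the checklist passed to `audit` is simply the set of weaknesses the drill relied on.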