Project Title - Behavior based Artificial Agents for Information security
PIs: Prof. Bharat Bhargava, Shailendra Raj Mehta,Mukul Gupta, Alok Chaturvedi
On mobile Code Security, B. Bhargava,
Mohammed Hafeeda, CERIAS Technical Report, Purdue University, 2001.
The security threats involved in any software system are due to unanticipated attacks by hackers or terrorists. Research in security concentrates on providing technical solutions to these security threats. These solutions might not work well once the assumed attacker behavior changes. Attackers quickly understand the current security structure of the system and come up with innovative ways to achieve their objectives. This report proposes the design for the simulation of a hacker as an intelligent learning agent, which can be used to observe the behavior change patterns and enhance the existing solutions to security threats.
Security-"access control" is a growing area of concern for any organization using the Internet. Ubiquitous connectivity, complex systems and networks, e-commerce application and most importantly the proliferation of easy-to-use attack tools have made achieving access control all the more harder. Information security is becoming more and more important to the success and stability of any business enterprise. Any organization, be it Banking, Consulting, Education, Government, High-Tech, Manufacturing or Military, the Information security budgets are on the increase year by year as pointed out by the 2001 Industry Survey by Information Security Magazine. Various security components are available for an organization to improve access control. Which among these should an organization choose to meet its budget and security needs is a question of concern. What is the right security profile a firm must choose upon?
E. Project Description:
The main problem related to choosing of a right security profile for a firm is the problem of unpredictable behavior of perpetrators. What a perpetrator can learn about an organization and what are the attacking approaches he can use is difficult to predict. This is because of the dynamic behavior of the perpetrators who keep learning from the agents. The perpetrators keep learning about the firm behavior using agents like snuffers. Once the perpetrators have crossed the knowledge acquisition phase they exploit the vulnerabilities of the firms. The information learnt about vulnerabilities of a firm is transferred to other perpetrators and helps further exploitation of a firm's resources. The perpetrator behavior is dynamic in the sense that perpetrators quickly learn to adapt to current security structure and come up with innovative ways to achieve their objectives.
What is to be done is help a firm choose its security profile such that it can be invulnerable to any sort of attacks from perpetrators. The firm tries to predict the behavior of the perpetrators and choose the appropriate security profile so that the budget being spent on information security is being used in the right way. There is nothing like the absolute security for a firm. Achieving a perfect security is not easily achievable but given the budget constraints what is the best that the firm can choose upon. This is what is needed to be achieved. This is proposed to be achieved using an agent-based approach.
With the advent of Internet and e-commerce come enormous business opportunities and also the associated set of security risks. These risks may be either related to faults related to inferior design of software components or they might be perpetrated risks from sources such as hackers, terrorists, organized crime, business competitors, foreign intelligence or even internal employees. Organizations and researchers alike are spending tremendous amount of resources and energy to minimize these risks.
Much of the research in security concentrates on providing technical solutions to security threats. These solutions would look at a specific or a combination security threats and would build a comprehensive and practical safeguard against those threats. Researchers also have started to focus on business solutions to the security threats by providing approaches to designing and implementing security strategies and policies. These approaches provide good solutions under the assumptions of the perpetrator behaviors that they considered but might break down once those behaviors change. This is because the perpetrators quickly learn to adapt to current security structure and come up with innovative ways to achieve their objectives. The project implements agent based approach to model the behaviors of the perpetrators.