Information security symposium draws more than 200 researchers

Because both humans and computers are vulnerable to viruses, some computer scientists have started to look at the ways that living organisms ward off infectious agents, hoping that similar defenses can be applied to machines. Stephanie Forrest, a pioneer in computational immunology, discussed her groundbreaking research in that emerging discipline at the symposium Information Security and Privacy, held at BU on April 10.

Forrest’s talk, titled Computation in the Wild, was one of several lectures in the daylong symposium at the School of Management. The event, which also included two panel discussions, drew more than 200 researchers and marked the inauguration of BU’s Center for Reliable Information Systems and Cyber Security (RISCS), established last summer to promote and coordinate research on ways to reduce computer security risks.

Computational immunology is one of most adventurous methods now on the drawing boards. “Biological design principles are providing new insights in the field of computer security,” said Forrest, a computer science professor at the University of New Mexico, whose 2002 research paper, also titled “Computation in the Wild,” explores similarities between computer systems and biological systems. Forrest argues that we can learn lessons from biological immune systems to protect computers in the “software ecosystem” that now exists.

A decade ago, Forrest’s ideas were met with skepticism, but times — and the complexity of computer systems — have changed. England’s Department of Trade and Industry, in partnership with the Royal Mail and King’s College London, is currently developing the Computational Immunology Fraud Detection System (CIFD) to spot unusual financial transactions. Using Forrest’s theories, CIFD will fight commercial fraud by employing hundreds of thousands of software “antibodies” that detect anomalies in the Royal Mail’s extensive database of over-the-counter transactions — much like the way natural immune systems scans cells for foreign bodies.

Forrest and her colleagues recently developed a prototype network intrusion-detection system called LISYS (lightweight intrusion detection system) that combines properties of human T cells, B cells, and antibodies. The acronym is a play on the word lysis, the process by which the immune system destroys bacteria by rupturing the bacterial membrane.

 “If you look at how infections spread through human populations,” Forrest said, “you see that we are dependent on genetic diversity to fight diseases. Each one of us has something unique in our immune systems. We can apply that quality to software by introducing changes to make each system unique. Computers are still susceptible to attack because of homogeneity — in many ways they’re all the same.”

Based on Forrest’s notion of “artificial heterogeneity,” she and fellow researchers at the University of New Mexico are developing something called randomized instruction set emulation (RISE), a method of defense that performs a hidden randomization of a computer application’s machine code — each piece of software is subtly changed from the others. “Computers are easy targets for standardized binary code injection attacks,” she said. “But this introduces changes so an attacker can’t find a common point of entry.”

Margrit Betke, a College of Arts and Sciences associate professor and director of undergraduate studies in the computer science department, said she was impressed with Forrest’s lecture. “It provided insights into how we can take ideas from biological mechanisms and use them to boost the immune systems of computers,” said Betke. “It’s a fine example of using an interdisciplinary approach to solve a problem.”