Connect with us

Hi, what are you looking for?


Security Infrastructure

Researchers Model Security Software to Mimic Behavior of Ants

Researchers from universities and national laboratories in the United States are developing software that mimics ant behavior as a new approach to network security.

Researchers from universities and national laboratories in the United States are developing software that mimics ant behavior as a new approach to network security.

Image Source: Wake Forest UniversityErrin Fulp Digital Ants Technolgy at Wakeforest University

Errin Fulp, a computer science professor at Wake Forest University, is creating an “army of digital ants” that can roam computer networks looking for threats, and hopes the technology can transform how we think about cyber security. Fulp says the technology is different than traditional security software models because it adapts rapidly to changing threats. “In nature, we know that ants defend against threats very successfully,” Fulp said. “They can ramp up their defense rapidly, and then resume routine behavior quickly after an intruder has been stopped. We’re trying to achieve that same framework in a computer system.”

Glenn Fink, a researcher at Pacific Northwest National Laboratory (PNNL), a Department of Energy laboratory that conducts research in cyber security, first came up with the concept of imitating ant behavior for computer security. Fink had been familiar with Fulp’s work developing faster computer scans using parallel processing — dividing computer data into batches like lines of shoppers going through grocery store checkouts, where each lane is focused on certain threats — and invited him to join the project several years ago.

This summer, Fulp is working with scientists at PNNL in Richland, Washington to train the “digital ants” to turn loose into the power grid to seek out computer viruses trying to wreak havoc on the system.

If the approach proves successful in safeguarding the power grid, it could have wide-ranging applications on protecting anything connected to SCADA (Supervisory Control and Data Acquisition) networks, software systems that monitor and control industrial processes, such as those in nuclear power plants, and other industrial facilities such as water and sewer management systems to mass transit systems to manufacturing systems.

SCADA has been a popular topic in the security industry lately, as Stuxnet, the highly specialized malware that targets SCADA systems has kept the IT security industry spinning since it was discovered in July 2010.

“The power grid is probably more vulnerable to cyber attacks than security experts would like to admit,” said Fulp. “As the grid becomes more and more interconnected, it offers hackers more points to enter the system; for instance, inserting a virus or computer worm into a low security site, such as in your home’s smart grid, to gain access to more secure systems up the line,” he added. “When that network connects to a power source, which connects to the smart grid, you have a jumping off point” for computer viruses, he said. “A cyber attack can have a real physical result of shutting off power to a city or a nuclear power plant.”

So how will these cyber-warrior ants combat threats? “The idea is to deploy thousands of different types of digital ants, each looking for evidence of a threat,” Fulp said. “As they move about the network, they leave digital trails modeled after the scent trails ants in nature use to guide other ants. Each time a digital ant identifies some evidence, it is programmed to leave behind a stronger scent. Stronger scent trails attract more ants, producing the swarm that marks a potential computer infection.” When the digital ants detects a threat, it can bring that threat to the attention of human operators to investigate.

Advertisement. Scroll to continue reading.

The concept has proven successful in testing on a small scale, but will it still work when it’s scaled up to protect something as large and complex as the nation’s power grid? Fulp and two of his students — computer science graduate students Michael Crouse and Jacob White — are working this summer with scientists at PNNL and from the University of California at Davis to answer that question. But even using PNNL’s vast computer platforms, they can only rely on computer simulations to predict the ants’ “behavior” up to a point.

That’s where Fulp’s colleague, Ken Berenhaut, an associate professor of mathematics at Wake Forest and an expert in mathematical modeling and simulation, comes in. Berenhaut, along with Wake Forest graduate student Ross Hilton, will use modeling to help determine what will happen as the ants move about the smart grid from the hot water heater in your house to the electrical substation to the power plant.

Berenhaut and Hilton are working to answer man questions: How do the ants migrate across different computer platforms and systems operating at different speeds? How many ants should you have patrolling a system? How long do they live? How do the ants scale up to identify a threat and then ramp back down? So while the concept is quite interesting, there are still many questions to be answered and challenges to overcome before this type of technology goes mainstream.

Fulp has received nearly $250,0000 in grants from PNNL/Battelle Memorial Institute for his ongoing research.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Security Infrastructure

Security vendor consolidation is picking up steam with good reason. Everyone wants to improve security efficiency and effectiveness while paying for less.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Security Infrastructure

Instead of deploying new point products, CISOs should consider sourcing technologies from vendors that develop products designed to work together as part of a...

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.

Security Infrastructure

While silos pose significant dangers to an enterprise's cybersecurity posture, consolidation serves as a powerful solution to overcome these risks, offering improved visibility, efficiency,...


Identity and access governance vendor Saviynt has closed a $205 million financing round.