University of Arizona researchers are developing a form of cybersecurity inspired by the human body and capable of detecting threats in their earliest stages.
This cybersecurity model would respond to security threats in computers and smartphones just as the nervous system responds to health threats within the human body. Think of the biological response that instinctively pulls your hand away from a hot stove or protects your immune system from a virus, but in this case, it’s a dangerous security threat.
“I felt we could learn about how the body protects us by reacting to threats and maybe apply it to cyber by building a ‘cyber immune system,’” said Salim Hariri, UA electrical and computer engineering professor and the project’s principal investigator. “We’re trying to build these abilities where, when somebody attacks your computer, these measures can detect the attack and act on it before you’re even aware something is compromised.”
The Partnership for Proactive Cybersecurity Training project is funded by a three-year, $3 million grant from the National Nuclear Security Administration’s Minority Serving Institution Partnership Program. In collaboration with Howard University, Navajo Technical University and Argonne National Laboratory, the team will work to build proactive cybersecurity while also providing training and research opportunities to students, especially women and minorities.
For Tamal Bose, head of the UA’s Department of Electrical and Computer Engineering and co-investigator on the project, cybersecurity is no longer just an issue for the government or large companies, but for anyone who owns a computer or smartphone.
“You carry around this phone that’s networked to all kinds of servers, and your information is very vulnerable,” Bose said. “Cyberspace is the domain where most wars are going to be fought in the future.”
Traditional approaches to cybersecurity have been reactive, acting only when a device is already being threatened or damaged. By using machine-learning techniques, the team hopes to be able to teach computers how to recognize and respond to cyber threats faster.
“Once you put your hand down on that stove, you know not to touch it again, because it’s hot,” said Gregory Ditzler, co-investigator and assistant professor of electrical and computer engineering. “But how can you be prepared to recognize other dangers, like putting your hand in a toaster? This is where machine learning comes in.”
Machine learning, a form of artificial intelligence, allows computers to teach themselves how to recognize patterns and learn new tasks. The researchers will expose the computer to thousands of examples of cybersecurity threats until it can recognize such threats on its own.
Through this method, researchers hope to create a playbook of defense measures that can be activated as soon as a threat is detected.
“The moment we see abnormal behavior, we want to be able to say, ‘Oh, that’s play No. 5 and I already have a way to respond to it, and I can act on it quickly,’” Hariri said.
“An attacker can reach hundreds of thousands of devices in a fraction of a second, so we need our ability to detect threats and protect a system to work just as quickly.”
Because hackers often evolve in their methods, researchers are also hoping to teach the computer to detect changes in the environment and anticipate changes before they occur.
As a part of the research program, these scientists will also be training students to become skilled members of the cybersecurity workforce. The initiative will include an eight-week summer education program, a cybersecurity class and internship opportunities at the Department of Energy and other government labs.
“The hottest jobs, and some of the highest-paid jobs, today are in cybersecurity,” Hariri said. “If I were a student who wanted job security, a high salary and the chance to make a big impact on our society, this is the field I would want to study.”