Sean Peisert


Research


The Hive Mind project at UC Davis

The Hive Mind project was originally funded to define and prototype a security layer underlying GENI that would allow providers of the system to collaboratively defend against attacks and misuse of GENI resources. To do this, it explored an innovative method of intrusion detection based on mobile agents and swarm intelligence. The project's goal, both for GENI as well as more generally, is to provide a lightweight, decentralized, intrusion detection method that is adaptable to changing threats while communicating suspicious activity across hierarchical layers to humans who can respond when needed.

The Hive Mind approach to intrusion detection provides event correlation over an infrastructure composed of one or more administrative enclaves, each made up of a collection of device-level nodes. These nodes represent the devices in the network being monitored. Swarming sensor agents, modeled after biological elements such as ants, wasps, termites, crows, and/or immune systems, roam from node to node, searching for security-relevant activity and leaving markers to communicate with other wandering agents.
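A toy simulation of the marker-based coordination described above, added here as an illustration; it is not the Hive Mind code. The function name `run_swarm`, the node and agent counts, the decay rate, the attraction weight, and the escalation threshold are all assumed values.

```python
import random

def run_swarm(nodes=12, agents=4, anomalous=7, steps=300, seed=1,
              deposit=1.0, decay=0.8, attraction=5.0, threshold=2.0):
    """Toy stigmergy model; every parameter here is an illustrative assumption."""
    rng = random.Random(seed)            # seeded so the run is repeatable
    marker = [0.0] * nodes               # marker strength left on each node
    visits = [0] * nodes
    escalated = set()                    # nodes reported up to the enclave layer
    position = [rng.randrange(nodes) for _ in range(agents)]

    for _ in range(steps):
        marker = [m * decay for m in marker]   # markers fade unless refreshed
        for a in range(agents):
            # An agent must move on; marked nodes are proportionally more attractive.
            choices = [n for n in range(nodes) if n != position[a]]
            weights = [1.0 + attraction * marker[n] for n in choices]
            here = rng.choices(choices, weights=weights)[0]
            position[a] = here
            visits[here] += 1
            # Local check stands in for a lightweight sensor: no global view needed.
            if here == anomalous:
                marker[here] += deposit
            # Corroboration by several visits, not one sighting, triggers a report.
            if marker[here] >= threshold:
                escalated.add(here)
    return {"marker": marker, "visits": visits, "escalated": sorted(escalated)}

if __name__ == "__main__":
    result = run_swarm()
    print("escalated nodes:", result["escalated"])
    print("visits per node:", result["visits"])
```

Because markers decay, a single sighting fades on its own, while a node that keeps attracting agents accumulates enough marker strength to be reported upward.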

The Hive Mind interposes logic-based rational agents between humans and the swarm, providing a basis for communication, interaction, and shared initiative. The goal is to augment, not replace, more traditional security mechanisms. For example, the Hive Mind should be effective where computing power is highly limited, e.g., where host-based IDSs would be impossible, or in highly distributed systems without well-defined monitoring points, making network-based detection infeasible. The Hive Mind could then be used in parallel with traditional firewall and intrusion detection systems.

As a result, environments can employ monitoring with minimal interference to the external environment.

Prototypes of the Hive Mind are implemented, available for download on GitHub, and have been tested on the ProtoGENI and DETER testbeds.

The Hive Mind project page

More Hive Mind information on the GENI Wiki

Researchers involved:

  • Vinod Balachandran (UC Davis → Sybase/SAP)
  • Matt Bishop (Senior Personnel; UC Davis)
  • Mina Doroud (UC Davis → Twitter)
  • Deb Frincke (Past CoPI; PNNL → DOD)
  • Carrie Gates (Past CoPI; CA Labs → Dell)
  • Jonathan Ganz (UC Davis)
  • Vishak Muthukumar (UC Davis)
  • Sean Peisert (Principal Investigator; UC Davis and LBNL)
  • Steven Templeton (Lead Software Architect; UC Davis)
  • Teng Wang (UC Davis)

Past sponsor: National Science Foundation CISE/CNS and BBN/GENI Projects Office

Publications resulting from this project:

"The Hive Mind: Applying a Distributed Security Sensor Network to GENI- GENI Spiral 2 Final Project Report"
Sean Peisert and Steven Templeton
UC Davis CS Technical Report,
Sept. 4, 2013. [BibTeX] [CDL]

Lightweight Change Detection and Response Inspired by Biological Systems
Vinod Balachandran,
M.S. Thesis, Dept. of Computer Science, University of California, Davis, September 2013. [CDL]

"Security Aspects of Cyber-Physical Device Safety in Assistive Environments"
Steven Templeton,
Proceedings of the 4th International Conference on Pervasive Technologies Related to Assisted Environments (PETRA), Crete, Greece, May 25–27, 2011.

"Ant-Based Cyber Security"
Jerome N. Haack, Glenn A. Fink, Wendy M. Maiden, A. David McKinnon, Steven J. Templeton, and Errin W. Fulp,
Proceedings of the 8th International Conference on Information Technology: New Generations (ITNG), Las Vegas, NV, April 11–13, 2011.

Press on this project:

DETER Newsletter: "The Hive Mind Project -- Digital Ants for Intrusion Detection," Summer, 2011.

HPCwire: "GENI Project Receives $11.5M in NSF Funding," October 12, 2009.


The definitive versions of the papers posted on this page were first published in the venues indicated. In accordance with publisher copyright policies, these papers are pre-prints or post-prints, and are not the publisher's version.

Personal use of the material posted on this page is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the original publishers.

This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.


Last modified: Friday, 07-Aug-2015 13:44:43 PDT