Dutch TNO develops self-healing software against cyber attacks
The Dutch bank ABN Amro will be the first to use the 'self healing security’ software, which is based on the human body's own immune system.
Internet scams and sabotage are commonplace. Consequently, the value of cybersecurity is becoming increasingly important in our society. Just last week, there was a serious leak in a Microsoft mail program. This will likely force companies to be extra vigilant against ransomware and other attacks on digital systems for weeks to come.
Fortunately, science is not standing idly by. One of the organizations working against cyber attacks in the Netherlands is the Netherlands Organisation for Applied Scientific Research (TNO). One of their most recent solutions is a software program inspired by the human immune system.
Banks
Last Friday, TNO announced that the ABN-AMRO bank will be the first organization to use the “self-healing security” software in the fight against cyber attacks. But other partners from the financial world are also in the starting blocks, including ING, Achmea, de Volksbank, and Rabobank.
“Basically, we started from the way cells in the human body fight viruses and bacteria and renew themselves,” says Bart Gijsen, project leader of the Self Healing Security project at TNO.
The Disposability Principle
Gijsen explains that there is a fundamental difference between ICT systems and the human immune system. This is referred to as the ‘disposability’ or replacement principle.
This principle essentially means that the body replaces its own biological cells once in a while. This ensures that cells that have become infected without being noticed only temporarily make the body ill. In addition, the immune system uses this replacement process to kill cells suspected infected cells. They are then be replaced by healthy cells.
Two improvements
Of course, it would be wonderful if ICT systems could also incorporate this disposability principle. That would offer two improvements for cyber security. Firstly, protection against undetected infection attacks. And secondly, an automatic intensification of that protection in the event of a suspected attack.
These are two cyber security tactics that have so far been very difficult to implement. TNO: “The challenge was in building a system that is decentralized, repairs itself and recognizes the moment when this needs to happen.”
They are building on the existing ICT technology for the innovation: Kubernetes. This is a system that provides the capabilities to manage computer infrastructure and the ability to restart and refresh. But another functionality has been added to this software so that containers (types of virtual computer server) renew themselves at regular intervals.
This refreshal ensures that there are more moments at which cyber attacks can be intercepted. In addition, there is an anomaly detection function in the software that ensures that containers with anomalous behavior are immediately killed without having to pass through a central system. This Action can be taken much faster and more locally this way if something is wrong.
Software will be available to the public
According to TNO, the software will soon be made publicly available under the slogan “together, we are strong” so that everyone can apply it and modify it.
TNO has been working with various partners for some time now on improving cybersecurity. One of the ways this is done is in the Shared Research Program (SRP) Cyber Security. Their joint intention is clear: the results of research and projects must help society to arm itself against the cyber-attacks of tomorrow.