‘Suicide Nodes’ Defend Networks From Within
New Scientist (11/01/07) Marks, Paul
University of Cambridge researchers have developed a computer defense system that mimics how bees sacrifice themselves for the greater good of the hive. The approach starts by giving all the devices on a network, or nodes, the ability to destroy themselves and take down any nearby malevolent devices with them. The self-sacrifice provision defends clean nodes against attack by malicious nodes.
“Bee stingers are a relatively strong defense mechanism for protecting a hive, but whenever the bee stings, it dies,” says University of Cambridge security engineer Tyler Moore. “Our suicide mechanism is similar in that it enables simple devices to protect a network by removing malicious devices – but at the cost of its own participation.”
The technique, called “suicide revocation,” allows a single node to quickly decide if a nearby node’s behavior is malevolent and to shut down the bad node, but at the cost of deactivating itself. The node also sends an encrypted message announcing that both it and the malevolent node have been shut down. The purpose of the suicide system is to protect networks as they become increasingly distributed and less centralized.
Similar systems allow nodes to “blackball” malicious nodes by taking a collective vote before ostracizing the malicious node, but the process is slow and malicious nodes can outvote legitimate nodes. “Nodes must remove themselves in addition to cheating ones to make punishment expensive,” says Moore. “Otherwise, bad nodes could remove many good nodes by falsely accusing them of misbehavior.”
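
The cost argument in Moore's last quote can be checked with a small simulation. This is an added example, not code from the Cambridge researchers: the `Network` class, the node names, and the per-node HMAC keys (standing in for the article's encrypted announcement) are all assumptions made for illustration.

```python
import hashlib
import hmac

class Network:
    """Toy model: every node holds its own key, which verifiers know (assumption)."""

    def __init__(self, node_ids):
        # Constructed demo keys; a real deployment would provision secrets.
        self.keys = {n: hashlib.sha256(f"demo-key-{n}".encode()).digest()
                     for n in node_ids}
        self.revoked = set()

    def _tag(self, signer, accuser, accused):
        msg = f"{accuser}|{accused}".encode()
        return hmac.new(self.keys[signer], msg, hashlib.sha256).digest()

    def suicide_note(self, accuser, accused, signer=None):
        # signer differs from accuser only when modelling a forgery attempt.
        return accuser, accused, self._tag(signer or accuser, accuser, accused)

    def process(self, note):
        """Apply a note; return True if it revoked anyone."""
        accuser, accused, tag = note
        if accuser not in self.keys or accused not in self.keys:
            return False
        if accuser in self.revoked or accused in self.revoked:
            return False  # a removed node cannot accuse again
        if not hmac.compare_digest(tag, self._tag(accuser, accuser, accused)):
            return False  # note was not produced with the accuser's key
        self.revoked |= {accuser, accused}  # both leave: punishment is expensive
        return True

    def active(self):
        return sorted(set(self.keys) - self.revoked)

def demo():
    nodes = ["A", "B", "C", "D", "M"]  # M plays the malicious node
    honest = Network(nodes)
    honest.process(honest.suicide_note("A", "M"))  # A sacrifices itself
    abuse = Network(nodes)
    results = [abuse.process(abuse.suicide_note("M", v)) for v in "BCD"]
    forged = abuse.process(abuse.suicide_note("A", "C", signer="M"))
    return honest.active(), results, forged, abuse.active()

if __name__ == "__main__":
    print(demo())
```

In the abuse run the malicious node removes exactly one good node before its own removal blocks further accusations, and a note it forges in another node's name is rejected.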