Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
1
© 2016 IBM Corporation
Security according to Leafcutter Ants Collaboration strategy based on 120 million years of warfare experience Mike Chung | Associate Partner IBM Security May 2016
2 © 2016 IBM Corporation
Items
! Why ants?
! How do ants deal with security?
! What can we learn?
2
3 © 2016 IBM Corporation
Why ants?
4 © 2016 IBM Corporation
Ants in everyday life
3
5 © 2016 IBM Corporation
Origins
6 © 2016 IBM Corporation
Classification
Hymenoptera
Formicidae
Wasps
4
7 © 2016 IBM Corporation
Classification
Hymenoptera
Formicidae Atta and Acromyrmex
Wasps Other 8 genera
8 © 2016 IBM Corporation
Eusociology
Larvae
Colony
Adults
5
9 © 2016 IBM Corporation
Eusociology
Larvae
Colony
Adult generation 1 Adult generation 2
10 © 2016 IBM Corporation
Eusociology
Larvae
Colony
Adult generation 1 Adult generation 2
Reproductive members
6
11 © 2016 IBM Corporation
Share of eusocial insects
Total number of animal species (2 million)
Number of insect species (1 million)
Eusocial insect species (0.02 million)
12 © 2016 IBM Corporation
Share of eusocial insects
Total bio-mass of animals
Eusocial insects' bio-mass (30%)
7
13 © 2016 IBM Corporation
Security according to Leafcutter Ants
14 © 2016 IBM Corporation
Life of Leafcutter Ants Cutting and gathering leaves
8
15 © 2016 IBM Corporation
Life of Leafcutter Ants Cutting and gathering leaves Gardening fungus
16 © 2016 IBM Corporation
Life of Leafcutter Ants Cutting and gathering leaves Gardening fungus Raising offspring
9
17 © 2016 IBM Corporation
Threat landscape Environmental threats:
- Flooding - Drought
Enemies:
- Predators - Competitors
18 © 2016 IBM Corporation
Threat landscape Environmental threats:
- Flooding - Drought
Enemies:
- Predators - Competitors
Pests:
- Parasitic flies - Parasitic fungi
Diseases:
- Crop diseases - Infections
10
19 © 2016 IBM Corporation
Roles
Non-reproductives
Reproductives
20 © 2016 IBM Corporation
Roles
Non-reproductives
Reproductives Queen Males Reproductive
females
11
21 © 2016 IBM Corporation
Roles
Non-reproductives
Reproductives Queen Males Reproductive
females
22 © 2016 IBM Corporation
Roles
Non-reproductives
Reproductives Queen Males Reproductive
females
Majors
Minors
12
23 © 2016 IBM Corporation
Roles
Non-reproductives
Reproductives Queen Males Reproductive
females
Majors
Minors
Soldiers Foragers
Assemblers Carers Hitchhikers Gardeners
24 © 2016 IBM Corporation
Roles
Non-reproductives
Reproductives Queen Males Reproductive
females
Majors
Minors
Soldiers Foragers
Assemblers Carers Hitchhikers Gardeners
Age
13
25 © 2016 IBM Corporation
Roles: defense
Non-reproductives
Reproductives Queen Males Reproductive
females
Majors
Minors
Predators
Competitors
Environmental threats
26 © 2016 IBM Corporation
Roles: defense
Non-reproductives
Reproductives Queen Males Reproductive
females
Majors
Minors
Predators
Competitors
Parasitic flies Parasitic fungi
Crop diseases Infections
Environmental threats
14
27 © 2016 IBM Corporation
Roles: defense
Non-reproductives
Reproductives Queen Males Reproductive
females
Majors
Minors
Predators
Competitors
Parasitic flies Parasitic fungi
Crop diseases Infections
Environmental threats
Genetic diversity
28 © 2016 IBM Corporation
Complexity of environment vs. flexibility of roles
Static roles Dynamic roles
Low complexity, e.g. desert
High complexity, e.g. rain forest
Ants
15
29 © 2016 IBM Corporation
Complexity of environment vs. flexibility of roles
Static roles Dynamic roles
Low complexity, e.g. desert
High complexity, e.g. rain forest
Ants
Humans in IT
30 © 2016 IBM Corporation
Nest architecture
Nest
Queen’s chamber
Mound
16
31 © 2016 IBM Corporation
Nest architecture
Nest
Queen’s chamber
Larvae & cocoons chamber
Waste chamber
Mounds “Emergency” exit/entrance
Main tunnel
Penduncle
Egg’s chamber
32 © 2016 IBM Corporation
Nest architecture
Nest
Queen’s chamber
Empty chamber Larvae & cocoons chamber
Fungus chamber
Waste chamber Fungus
chamber
Alternate chamber
Mounds “Emergency” exit/entrance
Main tunnel
Penduncle
Egg’s chamber
17
33 © 2016 IBM Corporation
Nest architecture: defense components
Nest
Queen’s chamber
Empty chamber Larvae & cocoons chamber
Fungus chamber
Waste chamber Fungus
chamber
Alternate chamber
Mounds “Emergency” exit/entrance
Main tunnel
Penduncle
Egg’s chamber
Hard surface
34 © 2016 IBM Corporation
Nest architecture: defense components
Nest
Queen’s chamber
Empty chamber Larvae & cocoons chamber
Fungus chamber
Waste chamber Fungus
chamber
Alternate chamber
Mounds “Emergency” exit/entrance
Main tunnel
Penduncle
Egg’s chamber
Hard surface
Multiple exits/entrances
18
35 © 2016 IBM Corporation
Nest architecture: defense components
Nest
Queen’s chamber
Empty chamber Larvae & cocoons chamber
Fungus chamber
Waste chamber Fungus
chamber
Alternate chamber
Mounds “Emergency” exit/entrance
Main tunnel
Penduncle
Egg’s chamber
Hard surface
Multiple exits/entrances
Escape rooms
Blocks
Blocks
36 © 2016 IBM Corporation
Nest architecture: defense components
Nest
Queen’s chamber
Empty chamber Larvae & cocoons chamber
Fungus chamber
Waste chamber Fungus
chamber
Alternate chamber
Mounds “Emergency” exit/entrance
Main tunnel
Penduncle
Egg’s chamber
Hard surface
Multiple exits/entrances
Escape rooms
Blocks
Blocks
Sanitation
Disinfection
Humidity and temperature regulation
19
37 © 2016 IBM Corporation
Risk-spreading and alternatives
Nest
Queen
Nuptial flights
New nest
New queen
38 © 2016 IBM Corporation
Risk-spreading and alternatives
Nest
Queen
Nuptial flights
New nest
New queen
Merging/joining
Usurping
Hibernation
20
39 © 2016 IBM Corporation
Continuity alternatives
Threat(s) Plan A: Fight back Continuation of colony
Plan C: Disperse (only when reproductive females present)
B1: Join
Survival of genes
Plan B: Move to family nest
B2: Usurp
40 © 2016 IBM Corporation
Security-driven architecture
Leafcutter Ants
Security prerequisites
No single point of failure
Flexible nest architecture
21
41 © 2016 IBM Corporation
Security-driven architecture
Leafcutter Ants Humans in IT
Security prerequisites
No single point of failure
Flexible nest architecture
Financial/business prerequisites
“Crown jewels”
Inflexible IT architecture
42 © 2016 IBM Corporation
Communication
Pheromones ALERT!
Pheromone and poison detection
Touch communication
22
43 © 2016 IBM Corporation
Communication
Poison excretion DANGER!
Pheromones ALERT!
Stridulation HELP!
Pheromone and poison detection
Vibration detection
Touch communication
44 © 2016 IBM Corporation
Communication: information sharing
Potential threat
Colony/group of ants
Ant 1
23
45 © 2016 IBM Corporation
Communication: information sharing
Potential threat
Colony/group of ants
Pheromone mark
Ant 1
46 © 2016 IBM Corporation
Pheromone mark
Communication: information sharing
Potential threat
Colony/group of ants
Ant 1
Ant 2, 3
24
47 © 2016 IBM Corporation
Communication: information sharing
Potential threat
Colony/group of ants
Ant 1
Ant 2, 3
48 © 2016 IBM Corporation
Communication: information sharing
Potential threat
Colony/group of ants
Ant 1
Many ants
Ant 2, 3
25
49 © 2016 IBM Corporation
Collaboration
Threat(s) Information gathering
50 © 2016 IBM Corporation
Collaboration
Threat(s) Information gathering Immediate alert Massive response
Grave danger
26
51 © 2016 IBM Corporation
Collaboration
Threat(s) Information gathering Immediate alert Massive response
Alert Correlation
Grave danger
Local danger
Response
52 © 2016 IBM Corporation
Collaboration
Threat(s) Information gathering Immediate alert Massive response
Alert
Collective storage of events
Correlation
Grave danger
Local danger
False alarm
Response
Sharing of information
27
53 © 2016 IBM Corporation
Shared collective ledger of knowledge
1
Communication
54 © 2016 IBM Corporation
Shared collective ledger of knowledge
1
Communication
2
Update
28
55 © 2016 IBM Corporation
Shared collective ledger of knowledge
1
Communication
2
Update
3 Consensus and validation
56 © 2016 IBM Corporation
Shared knowledge
Leafcutter Ants Humans in IT
29
57 © 2016 IBM Corporation
Threat landscape Environmental threats:
- Flooding - Drought
Enemies:
- Predators - Competing ants
Pests:
- Parasitic flies - Parasitic fungi
Diseases:
- Crop diseases - Infections
58 © 2016 IBM Corporation
Mitigations Environmental threats:
• Alternative locations
• “Hibernation”
Enemies:
• Nest architecture • Physical defense mechanisms
Pests:
• Polyethism • Ventilation system
Diseases:
• Sanitation • Polyandry (genetic diversity)
30
59 © 2016 IBM Corporation
Recommended literature
! Bert Hölldobler, Edward O. Wilson: The Leafcutter Ants, Civilation by Instinct, 2011
! Bert Hölldobler, Edward O. Wilson: The Super-Organism, The Beauty, Elegance, and Strangeness of Insect Societies, 2009
! Deborah M. Gordon: Ant Encounters, Interaction Networks and Colony Behavior, 2010
60 © 2016 IBM Corporation
Contact details
Drs. Mike Chung RE CISSP
Associate Partner IBM Security
+31 6 2565 7593