The Hive Mind at UC Davis

Home   Members   Publications   Software   Contact

Latest News

Sept. 30, 2013

Hive Mind M.S. student contributor Vinod Balchandran finishes thesis and moves on to SAP.

Sept. 4, 2013

GENI Hive Mind Project Spiral 2 Final Project Report published.

June 30, 2013

Hive Mind visualizations now posted on YouTube.

May 3, 2013

The Hive Mind software is now available for download on GitHub.

March 19–21, 2013

Hive Mind demo at GEC16 in Salt Lake City, UT.

July 9–11, 2012

Hive Mind demo at GEC15 in Hoston, TX.

September 28, 2012

Version 0.3 of the Hive Mind software is available for download.

July 9–11, 2012

Hive Mind demo at GEC14 in Cambridge, MA.

Mar. 13–15, 2012

Hive Mind demo at GEC13 in Los Angeles, CA.

Nov. 2–4, 2011

Hive Mind demo at GEC12 in Kansas City, MO.

Aug. 4, 2011

The Hive Mind project uses the DETER testbed extensively for security evaluations.

Jul. 26–28, 2011

Poster of the Hive Mind at GEC11 in Chicago Denver

May 25–27, 2011

Digital ants for the power grid to be presented at PETRA in Greece

Apr. 11–13, 2011

"Ant-Based Cyber Security" to be presented at ITNG 2011

Nov. 2–4, 2010

Demo of the Hive Mind at GEC9 in Washington, D.C.

Sept. 2010

Early, Java-based software prototype of digital ants is released.

  The Hive Mind project was originally funded to define and prototype a security layer underlying GENI that would allow providers of the system to collaboratively defend against attacks and misuse of GENI resources. To do this, it explored an innovative method of intrusion detection based on mobile agents and swarm intelligence. The project's goal, both for GENI as well as more generally, is to provide a lightweight, decentralized, intrusion detection method that is adaptable to changing threats while communicating suspicious activity across hierarchical layers to humans who can respond when needed.

The Hive Mind approach to intrusion detection provides event correlation over an infrastructure comprised of one or more administrative enclaves, each made of a collection of device level nodes. These represent the devices in the network being monitored. Swarming sensor agents modeled after biological elements such as ants, wasps, termites, crows, and/or immune systems. These roam from node to node, searching for security relevant activity, leaving markers to communicate with other wandering agents.

The Hive Mind interposes logic-based rational agents between humans and the swarm, providing a basis for communication, interaction, and shared initiative. The goal is to augment, not replace, more traditional security mechanisms. For example, the Hive Mind should be effective where computing power is highly limited, e.g., where host-based IDSs would be impossible or in highly distributed systems without well-defined monitoring points making network-based detection infeasible. The Hive Mind could then be used in parallel with traditional firewall and intrusion detection systems.

The result of this enables environments to employ monitoring with minimal interference to the external environment.

Prototypes of the Hive Mind are currently implemented, available for download on GitHub, and have been tested on the ProtoGENI and DETER testbeds.

This project was originally funded by the National Science Foundation and the GENI Project Office under grant # CNS-0940805. Additional documentation and earlier project reports are located on our page on the GENI wiki.