BIOLOGICAL INSPIRATION FOR COMPUTING 259
8.2.5 Immunology and Computer Security^37
The mammalian immune system is an information processor—this is clear from its ability to
distinguish between self and nonself. (Section 5.4.4.3 provides a brief introduction to the immune system.)
Some have thus been drawn to the architecture of the immune system as a paradigm of information
processing that might be useful in solving a variety of different computational problems.
Immunological approaches have been proposed for solving problems in computer security, semantic classification
and query, document and e-mail classification, collaborative filtering, and optimization.^38 This
section concentrates on computer security applications.
8.2.5.1 Why Immunology Might Be Relevant
Computer and network security is intended to keep external threats at bay, and this remains an
intellectually challenging problem of the highest order. It is useful to describe two general approaches
to such security problems. The first, widely in use today, is based on the notion of what might be called
environmental control—the idea that by adequately controlling the environment in which a computer
or network functions, better security can be obtained. The computer or network environment is defined
broadly, to include security policy (who should have what rights and privileges), resources (e.g.,
programs that provide users with computing or communications capability), and system configuration. In
support of this approach, a number of reports^39 cite security problems that arise from flaws in security
policy, bugs in programs, and configuration errors and argue that correcting these flaws, bugs, and
errors will result in greater security.
A complementary approach is to take as a given the inability to control the computing or network
environment.^40 This approach is based on the idea that computer security can result from the use of
system design principles that are more appropriate for the imperfect, uncontrolled, and open
environments in which most computers and networks currently exist. Note that there is nothing mutually
exclusive about the two approaches—both could be used in the design of an effective overall approach
to system or network security.
For inspiration in addressing problems in computer security, some researchers have considered the
immune system and the unpredictable and largely hostile environment in which it functions.^41 That is,
the unpredictable pathogens to which the immune system must respond are analogous to some of the
threats that computer systems face, and the principles underlying the operation of the immune system
may provide new approaches to computer security.
8.2.5.2 Some Possible Applications of Immunology-based Computer Security
A variety of loose analogies between computer security and immunology are intuitively obvious,
and there is clearly at least a superficial conceptual connection between the protection afforded to
(^37) The discussion in Section 8.2.5 owes much to Stephanie Forrest of the University of New Mexico.
(^38) For a view of the immune system as information processor, see S. Forrest and S. Hofmeyr, “Immunology as Information
Processing,” Design Principles for Immune Systems and Other Distributed Autonomous Systems, L.A. Segal and I.R. Cohen, eds.,
Oxford University Press, 2000. For an overview of various applications of an immunological computing paradigm, see
http://www.hpl.hp.com/personal/Steve_Cayzer/downloads/030213ais.ppt and references therein.
(^39) National Research Council, Cybersecurity Today and Tomorrow: Pay Now or Pay Later, National Academy Press, Washington,
DC, 2002.
(^40) This discussion is based on A. Somayaji, S. Hofmeyr, and S. Forrest, “Principles of a Computer Immune System,” Proceedings
of the 1997 Workshop on New Security Paradigms, ACM Press, Langdale, UK, 1998, pp. 75-82.
(^41) One of the first papers to suggest that self-nonself discrimination, as used by the immune system, might be useful in computer
security was by S. Forrest, A.S. Perelson, L. Allen, and R. Cherukuri, “Self-nonself Discrimination in a Computer,” Proceedings of the
1994 IEEE Symposium on Research in Security and Privacy, IEEE Computer Society Press, Los Alamitos, CA, 1994, pp. 202-212. This
paper focused mainly on the issue of protection against computer viruses but set the stage for a great deal of subsequent work.