Evolving the Bad Guy
Eric Bonabeau, Ph.D., Icosystem Corporation
http://conferences.oreillynet.com/cs/et2004/view/e_sess/4847
at the O'Reilly Emerging Technology Conference: http://conferences.oreillynet.com/et2004
2-10-04
San Diego, CA
Cory Doctorow
doctorow@craphound.com

--

Bad guys co-evolve with your defenses -- the tax code, software and NBA rules all need to constantly evolve, as does Google.

Evolutionary computation: represent individuals as genetic strings, i.e. 110100101. Test individuals for fitness -- how good they are at finding and exploiting loopholes. Mutate and crossover to get individuals who are better and better at solving your problem -- at finding loopholes.

In 2002, Sussex researchers tried to design an oscillator using evolutionary computation, but found it ended up weird because of unintentional RFI emission from a nearby PC.

--

Example: Identify failure modes in a complex fluid-control system. Control engineers can only test a fraction of all configs and scenarios, and can only imagine a small fraction of the possibilities. Secondary example: ID small investments that can dramatically improve robustness.

Build a genetic algorithm to represent the components of the fluid-control system that can contribute to catastrophic failure. These components become the genotype in the simulation. Try to identify correlated vs. uncorrelated damage -- very counterintuitive for a human brain.

Say a terrorist attacks the system at three different points -- is there a combination of three ruptures or poisonings that creates catastrophic failure? The worst three-point ruptures turn out to involve relatively unimportant failure points -- the combination of three minor failures is major. And these failures can be substantially mitigated by adding a single pipe segment.

--

Example: Trying to sink an unmanned sub. Discovered failure modes the engineers had never considered.
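The evolutionary loop described above -- genetic strings, a fitness test, mutation and crossover -- can be sketched for the three-point rupture search. This is a toy model: the `damage` function below is invented purely for illustration and stands in for the real fluid-control simulator, which is not described in the talk.

```python
import random

random.seed(42)

N_POINTS = 20  # hypothetical number of failure points in the network

# Toy "simulator": base damage per failure point, drawn at random.
BASE = [random.random() for _ in range(N_POINTS)]

def damage(triple):
    """Simulated damage from rupturing three points at once."""
    a, b, c = triple
    base = BASE[a] + BASE[b] + BASE[c]
    # Contrived interaction term: some triples of individually minor
    # points are jointly catastrophic -- the counterintuitive case.
    synergy = 5.0 if (a + b + c) % 7 == 0 else 0.0
    return base + synergy

def mutate(triple):
    """Swap one point for a random other point."""
    t = list(triple)
    t[random.randrange(3)] = random.randrange(N_POINTS)
    return tuple(t) if len(set(t)) == 3 else triple

def crossover(p1, p2):
    """Draw three distinct points from the two parents' pooled genes."""
    child = list(set(random.sample(p1 + p2, 3)))
    return tuple(child) if len(child) == 3 else p1

def evolve(generations=50, pop_size=30):
    pop = [tuple(random.sample(range(N_POINTS), 3)) for _ in range(pop_size)]
    for _ in range(generations):
        pop.sort(key=damage, reverse=True)   # fitness = simulated damage
        parents = pop[: pop_size // 2]       # select the most damaging
        children = [mutate(crossover(random.choice(parents),
                                     random.choice(parents)))
                    for _ in range(pop_size - len(parents))]
        pop = parents + children             # recombine, repeat
    return max(pop, key=damage)

worst = evolve()
print(worst, damage(worst))
```

The point of the sketch is the shape of the search, not the numbers: the GA surfaces high-damage triples without anyone enumerating all combinations by hand.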
We say airplanes are safe because they've been "engineered," but without nonhuman, nonintelligent exploration of failure modes, you are NOT safe.

--

Example: fighting script kiddies. Evolve simple intrusion scripts that are difficult to detect.

* Build a grammar for automated script generation
* Test scripts in fast simulations
* Fitness is absence of evidence in logfiles
* Select, recombine, lather, rinse and repeat

Tried this against a RedHat box. Came up with examples of scripts that were very crude and left lots of footprints. These scripts were bred for fitness.

--

Example: fighting Google Bombs. I tend to believe that if something isn't in Google, it doesn't exist. How robust is Google to an attack that artificially inflates search rankings? For example, "miserable failure" returned, as its top result, the White House bio for GW Bush. This only took 32 well-placed links. With limited resources, you can bias search results. But can you do it systematically?

Attack: for a given search term and target page, promote the target page to the #1 search result for that term. Strategies: try to raise the PageRank of a single page that has a single outbound link to the target page, or create a more complex web of interactions. We can evolve strategies to discover loopholes in Google's results even without knowing the algorithm.

--

Systems are more complex than our brains can understand.
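The four-step script-evolution recipe above (grammar, fast simulation, logfile fitness, select-and-recombine) might look like this in miniature. Everything here is a hypothetical placeholder -- the grammar slots, action names, and footprint counts are invented for illustration, not real attack tooling or the actual experiment against the RedHat box:

```python
import random

random.seed(7)

# Hypothetical toy grammar: each slot in a script has a few alternatives.
GRAMMAR = {
    'SCRIPT':  [['PROBE', 'ENTER', 'CLEANUP']],
    'PROBE':   [['scan_fast'], ['scan_slow'], ['no_scan']],
    'ENTER':   [['exploit_a'], ['exploit_b']],
    'CLEANUP': [['wipe_logs'], ['leave_logs']],
}

# Toy log model: how many logfile entries each action leaves behind.
FOOTPRINT = {'scan_fast': 5, 'scan_slow': 2, 'no_scan': 0,
             'exploit_a': 3, 'exploit_b': 1,
             'wipe_logs': -4, 'leave_logs': 0}

SLOTS = GRAMMAR['SCRIPT'][0]

def random_script():
    """Expand the grammar once: pick an alternative for each slot."""
    return [random.choice(GRAMMAR[slot])[0] for slot in SLOTS]

def fitness(script):
    """Fitness is absence of evidence: fewer simulated log entries is better."""
    return -max(0, sum(FOOTPRINT[a] for a in script))

def evolve(pop_size=20, generations=30):
    pop = [random_script() for _ in range(pop_size)]
    for _ in range(generations):
        pop.sort(key=fitness, reverse=True)
        parents = pop[: pop_size // 2]                 # select stealthiest
        children = []
        for _ in range(pop_size - len(parents)):
            p1, p2 = random.sample(parents, 2)
            child = [random.choice([a, b]) for a, b in zip(p1, p2)]  # crossover
            i = random.randrange(len(SLOTS))                          # mutate
            child[i] = random.choice(GRAMMAR[SLOTS[i]])[0]
            children.append(child)
        pop = parents + children                       # lather, rinse, repeat
    return max(pop, key=fitness)

best = evolve()
print(best, fitness(best))
```

The early generations look like the crude, footprint-heavy scripts the talk describes; selection pressure on the simulated logfile is what breeds the quiet ones.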
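The single-outbound-link strategy from the Google Bomb example can be illustrated with textbook PageRank (power iteration). Google's real ranking algorithm is not known here; this sketch only shows, in the simplified model, how a handful of injected links raises a target page's score -- the "32 well-placed links" effect on a six-page toy web:

```python
def pagerank(links, d=0.85, iters=100):
    """Textbook PageRank via power iteration -- NOT Google's actual algorithm."""
    pages = sorted({p for p in links} | {q for out in links.values() for q in out})
    n = len(pages)
    rank = {p: 1.0 / n for p in pages}
    for _ in range(iters):
        new = {p: (1 - d) / n for p in pages}
        for p, outs in links.items():
            if outs:
                share = d * rank[p] / len(outs)
                for q in outs:
                    new[q] += share
        # Dangling pages (no outbound links): spread their mass evenly.
        dangling = sum(rank[p] for p in pages if not links.get(p))
        for p in pages:
            new[p] += d * dangling / n
        rank = new
    return rank

# A small hypothetical web: 'target' has one inbound link, 'popular' has several.
web = {
    'a': ['popular'], 'b': ['popular'], 'c': ['popular'],
    'popular': ['a'],
    'd': ['target'],
    'target': [],
}
before = pagerank(web)['target']

# Inject a few well-placed outbound links pointing at the target.
for booster in ('a', 'b', 'c', 'popular'):
    web[booster] = web[booster] + ['target']
after = pagerank(web)['target']

print(before, after)  # target's rank rises after the link injection
```

An evolutionary attacker would treat the link topology itself as the genotype and this rank lift as the fitness -- no knowledge of the ranking algorithm's internals required, only its observable output.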