COMP 5900V: Biological Approaches to Computer Security

Carleton University, Winter 2005
Course Outline

Instructor: Anil Somayaji (Office Hours: Monday and Wednesday, 1-2 PM, and by appointment)
Meeting Time: Monday 6:05-8:55 PM, January 10th through April 4th
Meeting Place: 219 TB (Tory Building), Carleton University

Official Course Description: Course on the applicability of biological metaphors to computer security. Computer immunology, autonomic computing, and computer homeostasis are compared with traditional approaches to authentication, integrity, and intrusion detection. Relevant background biology will be presented. Students will design and critique new security mechanisms.

Prerequisites: A curious, open mind and an interest in computer security. While the course is oriented towards computer science graduate students who have taken one or more courses in computer security, it should be understandable to anyone with a reasonable computer science background. Previous knowledge of biology is a plus but not essential. This course is also open to biologists who are interested in learning more about computers, and in the process a bit about biology.

Format of Course: While the early part of the course will include introductory lectures, the bulk of class time will be spent discussing assigned readings. Before beginning general discussion, one or two individuals will be randomly chosen at the beginning of class to present the basic ideas and arguments of the readings in question. While these presentations will not be specifically graded, they will count towards overall class participation. Since presentations are not assigned in advance, all class participants (registered students and listeners) are strongly encouraged to study the assigned readings for each class.

Texts: Readings will be available online through this web page. A standard biology textbook may be helpful as a supplement to the course.

Grading: Final grades will be calculated based on 60% for a class project and 40% on class participation, divided as follows:

The "reading responses" are a short (one page) write-ups that summarize the readings for a given class. A reading response is due at the beginning of each class for which there are assigned readings. I will not grade these for style or grammar (although I appreciate both); instead, I am looking for evidence that you have read and thought about the readings. You may find some papers hard to understand; if this is the case, your write-up should explain what was confusing about them. The primary purpose of these assignments is to ensure that everyone comes to class prepared.

The project outline is to be 2-5 pages in length, while the final report is to be 5-10 pages (single-spaced, 12 point font). Students will receive extensive feedback on their outline and will primarily be graded on effort. To increase the value of the outline, please make a detailed argument and include references. The final project is expected to be a polished presentation of material, complete with appropriate citations. Ideas for appropriate projects will be discussed in class.

Ethics & Intellectual Honesty: I view all students in this course as independent junior researchers. In this context, I expect everyone to uphold the highest intellectual and ethical standards. Ideas should be properly credited, whether in written or oral communications. Further, individuals should be respected, no matter how strange their ideas or presentation may seem. Disrespect to other class members will be negatively reflected in class participation grades. Significant intellectual dishonesty in any form will result in failing grades on the assignment and, as appropriate, university disciplinary action.

Special Needs Students: Students with disabilities requiring academic accommodations in this course are encouraged to contact a coordinator at the Paul Menton Centre (PMC) for Students with Disabilities and to make an appointment to meet and discuss your needs with me by January 31, 2004. I will do my best to make reasonable accommodations within the context of the course.

Daily class outline (subject to change)





Jan. 10th


Overview of class, introduction to biology.

none (Lecture refs here and here)

Jan. 17th


Artificial Life

A. K. Dewdney, Core Wars
Tom Ray, Tierra (online html, PDF)
David Ackley, Real Artificial Life

Jan. 24th


Viruses, Worms, & Epidemiology

Robert G. Webster & Elizabeth Jane Walker, Influenza
Fred Cohen, Computer Viruses - Theory and Experiments
Eugene Spafford, Computer Viruses as Artifical Life
Moore et al., Code-Red: a case study on the spread and victims of an Internet worm
Moore et al., The Spread of the Sapphire/Slammer Worm

Jan. 31th


Synthetic Diversity

Forrest et al., Building Diverse Computer Systems
Cowan et al., The Cracker Patch Choice: An Analysis of Post Hoc Security Techniques
Just and Cornwell, Review and Analysis of Synthetic Diversity for Breaking Monocultures
Somayaji, How to Win and Evolutionary Arms Race

Feb. 7rd


Immunology: negative selection & LISYS

Hofmeyr, An Interpretative Introduction to the Immune System (OPTIONAL), (PS)
Forrest et al., Self-nonself discrimination in a computer (PS)
Hofmeyr & Forrest, Architecture for an Artificial Immune System (PS)
Kim & Bentley, Evaluating Negative Selection in an Artificial Immune System for Network Intrusion Detection (PS)
Balthrop, Glickman, & Forrest, Revisiting LISYS: Parameters and Normal Behavior (PS)

Feb. 14th


Immunology, Homeostasis, & System Calls
(Anil presents pH)

Forrest et al., A Sense of Self for UNIX Processes
Somayaji & Forrest, Automated Response Using System-Call Delays
Somayaji et al., Principles of a Computer Immune System

Feb. 21st


No class: Winter Break

Read a novel

Feb. 28th


Students present project ideas
Project outline & bib. due


Mar. 7th


Infection, sharks, and systems administration

Lederberg, Infectious History (HTML)
Beck & Habicht, Immunity and the Invertebrates
Litman, Sharks and the Origins of the Vertebrate Immune System (one PDF)
Burgess, Computer Immunology

Mar. 14th


Danger Theory

Smith, Forrest, & Perelson, Immunological Memory is Associative
Medzhitov & Janeway, Decoding the Patterns of Self and Nonself by the Innate Immune System
Matzinger, The Danger Model: A Renewed Sense of Self
Aickelin & Cayzer, The Danger Theory and Its Application to Artificial Immune Systems

Mar. 21th


Autonomic Computing
Class Summary

Diegelmann & Evans, Wound Healing: An Overview of Acute, Fibrotic, and Delayed Healing
Horn, Autonomic Computing: IBM's Perspective on the State of Information Technology
Chess et al., Security in an autonomic computing environment
Want, Pering, & Tennenhouse, Comparing Autonomic and Proactive Computing

Mar. 28th


No class


Apr. 4th


Project oral presentations


Apr. 11th


Room: 5115 HP
Project oral presentations (cont.)
Final project due


I'm soma here at (Use @ to put them together to email me.)
[Home] Last modified: April 9, 2005