Using Biological Agents to Search and Surveil Adversary Strong-Holds
As we all know, the Internet lacks inherent security, so an organization has to assume that adversaries (nodes executing known hacker software) exist just outside of its home network (and likely inside its network as well). I would like for you to look to the ubiquity of Internet of Things (IoT) devices and the biology of ant foraging behaviors to serve as an analogous system for new security solutions (situational awareness) in this space.
Using the randomized search foraging behavior exhibited by browsing ants, I would like for you to create a searching protocol that is capable of scouting out Grey Space (the space between the home network and an adversary's network) in the hopes of profiling nearby networks on the Internet. Specifically, your goal is to detect any adversarial movements in Grey Space without alerting the adversary. This protocol should function by using IoT nodes as ants, which exhibit a stealthy randomized foraging behavior. Over time, this behavior should build a database of information about the Grey Space network environment immediately surrounding the home network. This approach should be stealthy because the Internet-scale network scanning behavior (ant foraging) performed by the IoT devices is randomized, slow, and distributed.
The “Internet Census 2012” took a similar approach, but unlike the “Internet Census 2012” this approach is legal, since the IoT nodes (ants) would be owned assets that execute instances of this search algorithm and report to a central authority (another owned asset) that aggregates the responses from all of the ants into a centralized map and monitors adversary movements.
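The central-authority side of the design described above, as an added example that is not part of the original project: it merges ant reports into one map and emits an event when a service appears or disappears. The report fields, class and function names, and the sample addresses (documentation ranges) are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Observation:
    state: str                                # "open" or "closed"
    last_seen: int                            # timestamp of the newest report
    ants: set = field(default_factory=set)    # ants that reported this state

class GreySpaceMap:
    """Central authority's view: (host, port) -> latest Observation."""
    def __init__(self):
        self.services = {}

    def ingest(self, report):
        """Merge one ant report; return a change event dict, or None."""
        key = (report["host"], report["port"])
        prev = self.services.get(key)
        if prev and report["ts"] < prev.last_seen:
            return None                       # stale report arriving out of order
        if prev and prev.state == report["state"]:
            prev.last_seen = report["ts"]     # another ant confirms the same state
            prev.ants.add(report["ant"])
            return None
        self.services[key] = Observation(report["state"], report["ts"], {report["ant"]})
        if prev is None and report["state"] == "closed":
            return None                       # nothing was there before: no movement
        kind = "appeared" if report["state"] == "open" else "disappeared"
        return {"kind": kind, "host": key[0], "port": key[1], "ts": report["ts"]}

def replay(reports):
    """Feed reports in arrival order; return the final map and change events."""
    grey_map = GreySpaceMap()
    events = [e for e in map(grey_map.ingest, reports) if e]
    return grey_map, events

# Constructed sample reports (hypothetical schema), listed in arrival order.
SAMPLE = [
    {"ant": "ant-1", "ts": 100, "host": "192.0.2.10", "port": 22, "state": "open"},
    {"ant": "ant-2", "ts": 160, "host": "192.0.2.10", "port": 22, "state": "open"},
    {"ant": "ant-3", "ts": 200, "host": "198.51.100.7", "port": 4444, "state": "closed"},
    {"ant": "ant-1", "ts": 900, "host": "198.51.100.7", "port": 4444, "state": "open"},
    {"ant": "ant-2", "ts": 150, "host": "198.51.100.7", "port": 4444, "state": "closed"},
    {"ant": "ant-3", "ts": 1500, "host": "192.0.2.10", "port": 22, "state": "closed"},
]

if __name__ == "__main__":
    for event in replay(SAMPLE)[1]:
        print(event)
```

Because ants report slowly and independently, reports can arrive out of order; the timestamp check keeps an old "closed" report from overwriting a newer "open" one.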
These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.
deploy VM
install snort: https://cyberpersons.com/2016/07/18/install-snort-ubuntu/