Guardlets are evolving cooperative agents whose goal is to provide in-depth network security through TAAD (Threat Analysis And Denial). Guardlets are Genetically Programmed (GP) network security agents evolved by subjecting them to attacks formulated through well-established Intrusion Detection System (IDS) rule bases, as well as other means.
Guardlets can perform notification of attacks, and if desired, generation of new attack signatures for inclusion into existing operational IDS. It is also possible to produce active firewall modifications based on output from evolved agents to secure the network in real-time.
The applet below is an animated representation of the evolving agents as they assess and act upon a threat. The center of the screen represents potentially disruptive traffic patterns which increase suspicion of intrusion. The attacker, displayed in red when 'Start Evolution' is clicked, attempts to access the central area. The Guardlets then interpose themselves between the attacker(s) and the resource-critical areas. Guardlets evolve better cooperation and more effective defense based on fitness from generation to generation determined by how well they perform their tasks.
The Guardlets operate on simple rules governing attraction to the center, each other, and Clients. Successful performance using these rules determines the fitness of each generation. In the operational Guardlets system, similar methodology is used to produce cooperative evolving agents to analyze and deny threats.
The Guardlets Simulator applet and instructions are presented below. For more details, see Guardlets Simulator description or click the Show Help and Show Rules buttons.
Click here to learn more about the Genetic Algorithm, Genetic Programming, and eXtreme Genetic Programming