Basic Genetic Algorithm pattern for use in self-organizing agile security

Abstract

Security strategies and techniques are falling behind the agile pace of adversarial innovative capabilities. A project is underway that has identified six so-called SAREPH characteristics of adversarial self-organizing agility, and is now cataloging patterns toward a pattern language of self-organizing security techniques thatcan be employed for equal or superior security agility. Many such patterns have recently been developed. This paper adds the Genetic Algorithm (GA) to the catalog. The essence of a GA is to express the problem to be optimized in terms of a "fitness function" that evaluates how well candidates optimize the solution. In natural evolution fitness is an organism's ability to survive and reproduce. Computing applications abstract fitness to match the problem at hand, such as an Intrusion Detection System attempting to correlate seemingly unrelated events that collectively constitute a threat Reviewed first are the pattern project and the general nature of the GA. A reusable generic pattern description is developed. Howthe pattern conforms to the SAREPH characteristics is shown. Then three examples from the literature show howthe pattern is employed in SAREPH conformity: predator-prey behavior evolution in robotswarms, future behavior prediction in financially traded stocks, and attack detection in an Intrusion Detection System.