A physicist who studies the human brain has adapted dynamic logic, a machine learning algorithm he developed, to run on a test database of network traffic. The algorithm has proven surprisingly adept at identifying malware traffic. Now he ponders how the project might move forward, given that cybersecurity is entirely outside of his domain of expertise (and interest).
Dr. Leonid Perlovsky, distinguished physicist and cognitive scientist, pondered this question, which could have a significant impact on his research direction in the years to come. Over the past few decades, he had developed and refined algorithms for distinguishing objects in images, an approach that had found its way into various classified U.S. Department of Defense (DoD) applications. Now he was looking for new potential opportunities to see his research applied, allowing it to evolve further.
One of the most interesting aspects of Perlovsky’s approach was that it was very similar to that taken by the human brain in processing sensory information. It began with a very vague model of what might or might not be present in the data being examined. Through successive iterations, analogous to the layers of processing used in human sensory systems, the patterns in the data corresponding to objects would grow more and more distinct until, finally, they became recognizable. Unlike most statistical techniques, this approach—termed “dynamic logic” by Perlovsky—did not require that a model be specified in advance. As such, it was well suited for contexts that required discovery.
One application of dynamic logic that particularly impressed him involved the detection of malware in network packet data. Using an externally provided database of this traffic, his algorithm had successfully identified the presence of malware with almost eerie precision, and with substantially less processing than competing techniques. This suggested that dynamic logic could well become a powerful tool in the arsenal of IT professionals seeking to protect their systems from hackers. What other possible cybersecurity-related opportunities might be well suited to this tool?
Identifying potential opportunities represented only part of the challenge of putting dynamic logic to work. After letting the project lay dormant for several years, he had recently been approached by an energetic Brazilian master’s student who had identified ways that DL (dynamic logic) could be used. The student had also established a DL open source project on his own initiative. If that project were to move forward, Perlovsky would need to provide some encouragement and guidance. But he had his own set of questions. Was the open source path the right way to proceed? What potential application should be given highest priority? Should government or commercial funding be pursued? And the big question… Perlovsky readily acknowledged that he was no cybersecurity expert. Given that he was already actively pursuing grants from the DoD and National Institute of Health (NIH), would it really make sense to split his attention further, and look towards tackling an entirely new class of problems?
Authors: Grandon Gill, Bernardo Rodrigues
Cite as: Gill, T.G. & Rodrigues, B. (2017). Employing Dynamic Logic in Cybersecurity. Muma Case Review 2(11). 1-25. https://doi.org/10.28945/3915