Immune System for the internet
...
Most conventional anti-virus programs use "signatures" to identify and block viruses. But experts must first analyse a virus before sending out the fix. This means that rapidly spreading viruses can cause widespread damage before being stopped.
Some researchers have developed artificial "immune systems" that automatically analyse a virus meaning a fix can be sent out more rapidly.
...
Eran Shir, and colleagues at Tel-Aviv University in Israel
...
propose developing a network of "honeypot" computers, distributed across the internet and dedicated to the task of combating viruses. To a virus, these machines would seem like ordinary vulnerable computers. But the honeypots would attract a virus, analyse it automatically, and then distribute a countermeasure.
...
But the honeypots would be linked to one another via a dedicated and secure network. This way, once one has captured a virus, all the others will quickly know about the infection immediately. Each honeypot then acts as a hub of healing code which is disseminated to computers connected to it. The countermeasure then spreads out across the broader network.
...
the larger the network grows, the more efficient this scheme should be. For example, if a network has 50,000 nodes (computers), and just 0.4% of those are honeypots, just 5% of the network will be infected before the immune system halts the virus, assuming the fix works properly. But, a 200-million-node network – with the same proportion of honeypots – should see just 0.001% of machines get infected.
Security measures, such as encryption, would be needed to prevent viruses from exploiting the honeypot network.
...
The paper only discusses the mathematical model, and there is no effective implementation as yet.
...
Entire Article
Most conventional anti-virus programs use "signatures" to identify and block viruses. But experts must first analyse a virus before sending out the fix. This means that rapidly spreading viruses can cause widespread damage before being stopped.
Some researchers have developed artificial "immune systems" that automatically analyse a virus meaning a fix can be sent out more rapidly.
...
Eran Shir, and colleagues at Tel-Aviv University in Israel
...
propose developing a network of "honeypot" computers, distributed across the internet and dedicated to the task of combating viruses. To a virus, these machines would seem like ordinary vulnerable computers. But the honeypots would attract a virus, analyse it automatically, and then distribute a countermeasure.
...
But the honeypots would be linked to one another via a dedicated and secure network. This way, once one has captured a virus, all the others will quickly know about the infection immediately. Each honeypot then acts as a hub of healing code which is disseminated to computers connected to it. The countermeasure then spreads out across the broader network.
...
the larger the network grows, the more efficient this scheme should be. For example, if a network has 50,000 nodes (computers), and just 0.4% of those are honeypots, just 5% of the network will be infected before the immune system halts the virus, assuming the fix works properly. But, a 200-million-node network – with the same proportion of honeypots – should see just 0.001% of machines get infected.
Security measures, such as encryption, would be needed to prevent viruses from exploiting the honeypot network.
...
The paper only discusses the mathematical model, and there is no effective implementation as yet.
...
Entire Article
posted by akhil at 4:26 AM
0 comments
