Network inoculation: antivirus shield would outrace cyber infections.The best way to stop an epidemic might be to start one. That's the gist of a new strategy against computer viruses that was just unveiled by Israeli researchers. In their theoretical approach, when a computer network detects a new virus, it launches an internal counter-epidemic of self-propagating, protective messages. Upon receiving such a message, an uncontaminated computer immunizes itself against the virus. If the new method proves practical, it could give rise to network-based mechanisms-perhaps covering the entire Internet--for containing viruses, says codeveloper Eran Shir of Tel Aviv University Tel Aviv University (TAU, אוניברסיטת תל־אביב, את"א) is Israel's largest on-site university. in Ramat Aviv Ramat Aviv (Hebrew רמת אביב, Spring Highland [1]) is the name of several neighbourhoods which are located in the north and the northwestern parts of Tel Aviv, north of the Yarkon River. . Those mechanisms might replace today's ponderous pon·der·ous adj. 1. Having great weight. 2. Unwieldy from weight or bulk. 3. Lacking grace or fluency; labored and dull: a ponderous speech. See Synonyms at heavy. practice of keeping equipment safe by regularly downloading antivirus software. "This is a great and very innovative proposal that has the potential to change our computer-virus-fighting strategies" comments network specialist Albert-Laszlo Barabaisi of Harvard University and the University of Notre Dame in Indiana. In the new scheme, proposed in the December Nature Physics, network designers would scatter "honeypots" throughout a network. These are computers secretly armed with software that can trap and identify new viruses, then rapidly generate and broadcast the means to lock out the intruders. The protective message would fan out among the computers on links that only the antiviral antiviral /an·ti·vi·ral/ (-vi´ral) destroying viruses or suppressing their replication, or an agent that so acts. an·ti·vi·ral adj. mechanism could use. According to simulations by the Israeli team, severely limiting the virus' spread in a network would require relatively few honeypots. For instance, in a simulated 200,000-computer network with one honeypot A server that is configured to detect an intruder by mirroring a real production system. It appears as an ordinary server doing work, but all the data and transactions are phony. Located either in or outside the firewall, the honeypot is used to learn about an intruder's techniques as for every 250 computers, the virus would infect less than 1 percent of the computers, Shir says. Moreover, he notes, the larger the model network, the smaller the proportion of computers that the virus could overrun. The idea of self-immunizing networks isn't new, says physicist Jeffrey O. Kephart of IBM (International Business Machines Corporation, Armonk, NY, www.ibm.com) The world's largest computer company. IBM's product lines include the S/390 mainframes (zSeries), AS/400 midrange business systems (iSeries), RS/6000 workstations and servers (pSeries), Intel-based servers (xSeries) T.J. Watson Research Center in Yorktown Heights, N.Y. Starting in the 1990s, he and his colleagues have developed self-protective network architectures and software. Those fully automatic setups capture and analyze a virus and generate an antidote to it within minutes. What's most innovative about the honeypot scheme, Kephart says, is the shadow network that would transmit the immunizing messages. Those extra links could be as simple as a set of special e-mail addresses. They would enable the epidemic of immunization immunization: see immunity; vaccination. messages to take place "behind enemy lines," Shir says, and thereby gain the upper hand. "I really think this paper is highly valuable," says Alessandro Vespignani of Indiana University in Bloomington. By introducing the idea of manipulating the network topology to improve antiviral response, "it's opening a different way of thinking," he says. Could hackers commandeer com·man·deer tr.v. com·man·deered, com·man·deer·ing, com·man·deers 1. To force into military service. 2. To seize for military use; confiscate. 3. To take arbitrarily or by force. the shadow network? Shir says that protective technologies already available, such as encryption methods widely used for financial transactions on the Web, make that unlikely. Still, says Dietrich Stauffer of the University of Cologne The University of Cologne (German Universität zu Köln) is one of the oldest universities in Europe and, with over 44,000 students, the largest university in Germany. in Germany, "past experience shows ... that new defenses can be broken by new weapons. I expect [the new technique] to help, but not to solve, the problem of viruses." |
|
||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion