A new type of security software, developed by WFU and PNNL has digital "ants" swarm on malware threats, such as worms, to allow their detection and removal. (Source: Serving Haus)
Ants may soon be defending your work computer against worms
Windows XP and Vista certainly
has them... even
OS X has them. Computer "worms" capable of
replicating and spreading over networks and removable media are a
perennial security headache. Now researchers are turning to an
exotic
scheme to help stomp out pesky malware like worms.
Security
researchers found inspiration in the common ant.
Describes Wake Forest University Professor of Computer Science Errin
Fulp, "In nature, we know that ants defend against threats very
successfully. They can ramp up their defense rapidly, and then
resume routine behavior quickly after an intruder has been stopped.
We were trying to achieve that same framework in a computer
system."
WFU created digital "ants" --
utilities that migrate from computer to computer over networks
searching for threats. When one locates a threat, others
congregate on it, using so-called "swarm intelligence".
The approach allows human researchers to quickly identify and
quarantine dangerous files by watching the activity of the ants.
The
research could open up a new era of antivirus. Typically,
antivirus programs are large and require a lot of resources.
Slimmer programs, like Microsoft's upcoming antivirus
freeware, are in the works, but resource consumption remains a
significant issue.
The WFU approach is decidedly different as
instead of having a monolithic AV program running on every network
computer, the plan is to have 3,000 types of ants, each capable of
detecting a specific malware signature. The ants drop logs akin
to real world ants' scent trails. "Stronger" log
scents indicate a detected threat and clue ants (of any type) to
swarm on the infected machine.
To prevent accidental spread of
the ants, the ants require a "sentinel" utility program to
be running on the computer to keep them alive. Another
"sergeant" program allows administrators to monitor the
colony, tweak levels of certain ants, and perform other monitoring
and maintenance functions.
The system has successfully
detected a worm introduced by researchers onto a computer network.
Glenn Fink, a research scientist at Pacific Northwest National
Laboratory (PNNL) who coauthored the study and first dreamed up the
idea of emulating ants and Professor Fulp are both using the results
in their master theses. Additionally, a larger trial of the
system is currently in process.
The researchers say that the
approach shows the greatest promise for large homogenous networks
(with similar hardware and software on each workstation) such as
governments, large corporations and universities.
"Intel is investing heavily (think gazillions of dollars and bazillions of engineering man hours) in resources to create an Intel host controllers spec in order to speed time to market of the USB 3.0 technology." -- Intel blogger Nick Knupffer
|
Most Popular ArticlesWindows 8 Dates Leaked, Windows 7 Hits 10 Percent Market Share, IE 8 Now Top Browser
February 3, 2010, 9:05 AM
Former VP Says Microsoft is "Failing" Despite Windows 7 Profits
February 4, 2010, 11:11 AM
MIT Creates World's First Computer-Ready Germanium Laser
February 5, 2010, 1:20 PM
Apple Offers Bounty to Take Yellow IMacs Off UK Owners' Hands
February 5, 2010, 10:20 AM
Crucial's 6Gbps C300 Hits Stores February 22, Targets Intel
February 3, 2010, 12:20 PM
|