A new type of security software, developed by WFU and PNNL has digital "ants" swarm on malware threats, such as worms, to allow their detection and removal. (Source: Serving Haus)
Ants may soon be defending your work computer against worms
Windows XP and Vista certainly
has them... even
OS X has them. Computer "worms" capable of
replicating and spreading over networks and removable media are a
perennial security headache. Now researchers are turning to an
exotic
scheme to help stomp out pesky malware like worms.
Security
researchers found inspiration in the common ant.
Describes Wake Forest University Professor of Computer Science Errin
Fulp, "In nature, we know that ants defend against threats very
successfully. They can ramp up their defense rapidly, and then
resume routine behavior quickly after an intruder has been stopped.
We were trying to achieve that same framework in a computer
system."
WFU created digital "ants" --
utilities that migrate from computer to computer over networks
searching for threats. When one locates a threat, others
congregate on it, using so-called "swarm intelligence".
The approach allows human researchers to quickly identify and
quarantine dangerous files by watching the activity of the ants.
The
research could open up a new era of antivirus. Typically,
antivirus programs are large and require a lot of resources.
Slimmer programs, like Microsoft's upcoming antivirus
freeware, are in the works, but resource consumption remains a
significant issue.
The WFU approach is decidedly different as
instead of having a monolithic AV program running on every network
computer, the plan is to have 3,000 types of ants, each capable of
detecting a specific malware signature. The ants drop logs akin
to real world ants' scent trails. "Stronger" log
scents indicate a detected threat and clue ants (of any type) to
swarm on the infected machine.
To prevent accidental spread of
the ants, the ants require a "sentinel" utility program to
be running on the computer to keep them alive. Another
"sergeant" program allows administrators to monitor the
colony, tweak levels of certain ants, and perform other monitoring
and maintenance functions.
The system has successfully
detected a worm introduced by researchers onto a computer network.
Glenn Fink, a research scientist at Pacific Northwest National
Laboratory (PNNL) who coauthored the study and first dreamed up the
idea of emulating ants and Professor Fulp are both using the results
in their master theses. Additionally, a larger trial of the
system is currently in process.
The researchers say that the
approach shows the greatest promise for large homogenous networks
(with similar hardware and software on each workstation) such as
governments, large corporations and universities.
"Paying an extra $500 for a computer in this environment -- same piece of hardware -- paying $500 more to get a logo on it? I think that's a more challenging proposition for the average person than it used to be." -- Steve Ballmer
|
Most Popular ArticlesReport: Microsoft Eyes Return to "Dying" Windows 7 Path After Windows 8 Flop
May 13, 2013, 9:50 AM
Windows 8.1 Will Be Free; Microsoft Holds Onto Struggling ARM Variant
May 14, 2013, 2:57 PM
Bill Gates Gets Teary-Eyed While Discussing Steve Jobs, Shows Off Life-Saving Tech on 60 Minutes
May 13, 2013, 12:30 PM
Google Announces "Pure" Galaxy Nexus S4 for $649, Android Updates
May 15, 2013, 1:42 PM
Google's Eric Schmidt: "Don't Be Evil" was Stupid
May 14, 2013, 11:00 AM
|
