Page 1 of 3 123 LastLast
Results 1 to 10 of 25

Thread: Viral cure could 'immunise' the internet

  1. #1
    Senior Member
    Join Date
    Dec 2004
    Posts
    3,171

    Viral cure could 'immunise' the internet

    Viral cure could 'immunise' the internet

    * 14:35 01 December 2005
    * NewScientist.com news service
    * Kurt Kleiner



    A cure for computer viruses that spreads in a viral fashion could immunise the internet, even against pests that travel at lightning speed, a mathematical study reveals.

    Most conventional anti-virus programs use "signatures" to identify and block viruses. But experts must first analyse a virus before sending out the fix. This means that rapidly spreading viruses can cause widespread damage before being stopped.

    Some researchers have developed artificial "immune systems" that automatically analyse a virus meaning a fix can be sent out more rapidly. In practise, however, computer viruses still tend to spread too quickly.

    Now Eran Shir, and colleagues at Tel-Aviv University in Israeli, have applied network theory to the problem, and believe they have come up with a more effective solution.

    Part of the problem, the researchers say, is that countermeasures sent from a central server over the same network as the virus it is pursuing will always be playing catch-up.

    They propose developing a network of "honeypot" computers, distributed across the internet and dedicated to the task of combating viruses. To a virus, these machines would seem like ordinary vulnerable computers. But the honeypots would attract a virus, analyse it automatically, and then distribute a countermeasure.
    Healing hubs

    But the honeypots would be linked to one another via a dedicated and secure network. This way, once one has captured a virus, all the others will quickly know about the infection immediately. Each honeypot then acts as a hub of healing code which is disseminated to computers connected to it. The countermeasure then spreads out across the broader network.

    Simulations show that the larger the network grows, the more efficient this scheme should be. For example, if a network has 50,000 nodes (computers), and just 0.4% of those are honeypots, just 5% of the network will be infected before the immune system halts the virus, assuming the fix works properly. But, a 200-million-node network – with the same proportion of honeypots – should see just 0.001% of machines get infected.

    Security measures, such as encryption, would be needed to prevent viruses from exploiting the honeypot network.

    "They've shown it is possible to use this epidemically spreading immune agent to good advantage," says Jeff Kephart, a computer scientist at IBM in Hawthorne, New York, US. "The next step would be to look more carefully at the benefits and costs of this approach. I see promise in it."

    The paper only discusses the mathematical model, and there is no effective implementation as yet. But Shir plans to release a simple example program soon and hopes that volunteers or a company will eventually implement the real thing across the internet
    http://www.newscientist.com/article....ine-news_rss20
    New Scientist Breaking News - Viral cure could 'immunise' the internet

  2. #2
    Banned
    Join Date
    May 2003
    Posts
    1,004
    All good until the "fixes" break critical systems with custom applications or exotic configurations.

    cheers,

    catch

  3. #3
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    There was a thread about something simmilar a year or so ago..

    And we came to the same conclusion..
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  4. #4
    Banned
    Join Date
    Jun 2005
    Posts
    445
    Howabout we distribute common sense?


    That would be far more effective than any antivirus.

  5. #5
    Senior Member
    Join Date
    Dec 2004
    Posts
    3,171
    Hi d0pp,

    You know people do not willingly accept common sense...to get people to voluntarily protect their machines you need to introduce legislation...eg. seat-belt law...I remember as a kid laying in the back of a station wagon on the highway...seat-belts never became the norm until they started making it illegal...

    common sense usually has to be ' forced ' on people.

    Eg

  6. #6
    Senior Member
    Join Date
    Sep 2005
    Posts
    332
    Seat-belt laws are stupid. That being said wouldn't this type of a thing work better if they had some sort of super computer testing the new fixes as they come out on an uncountable number of system permiataions to make sure that the fix is not going to crash systems, or at least not as many systems?
    \"He who shall introduce into public affairs the principles of primitive Christianity will change the face of the world.\"
    Benjamin Franklin

  7. #7
    Senior Member
    Join Date
    Jun 2003
    Posts
    188
    Viral technology is always going to be two steps ahead of viral technology. why ?
    because antivirus companines will go down the drain if this whole things stopped.
    Someone once said antivirus companies make antivirus on first floor and viruses on the
    second

  8. #8
    Originally posted here by warl0ck7
    Viral technology is always going to be two steps ahead of viral technology. why ?
    because antivirus companines will go down the drain if this whole things stopped.
    Someone once said antivirus companies make antivirus on first floor and viruses on the
    second
    The anti-virus/anti-malware efforts will always be playing catch up simply because it is nearly impossible to predict the future. That's just basic.

    As for the second part, I remember that claim being made back when McAfee was making all the noise about the Michaelangelo virus. McAfee generated a lot of negative publicity for himself after the non-event and there were rumors later that the AV companies were writing the viruses. Not true.

    Even if we managed to stop all future viruses, there are still old ones around from which we need our AV to protect us. I still find AntiEXE and AntiCMOS infections crop up now and then (especially from student media). I have never seen a Michaelangelo infection, btw.

  9. #9
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    Originally posted here by the_JinX
    There was a thread about something simmilar a year or so ago..

    And we came to the same conclusion..
    If memory serves it was 'code green' in response to 'code red'...

    http://www.xatrix.org/article.php?s=684
    http://www.vnunet.com/vnunet/news/21...ode-red-threat

    All the way back in 2001...can't say I'd complain too much, I STILL see tons of code red/nimda crap trying to come in our gateways...

    EDIT: Now that I have started thinking about it, I think the original basis for the concept of a 'worm' back in simpler times was a delivery mechanism for software and it wasn't until the Morris worm that they started taking on bad connotations...of course I can't back that up at the moment, but I'm sure its stuck on my brain for a reason...
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  10. #10
    Senior Member
    Join Date
    Sep 2001
    Posts
    118
    Admittedly, the concept of a virus going around and fixing vulnerabilities is interesting, and has a lot to recommend it.

    It also has many dangers--those too have been mentioned.

    I think, though, one of the reasons why it should *not* happen is reasonably self-evident: Darwin.

    Evolutionary theory is not confined to just animals and plants and such. The same prinicples can be used on any reasonably complex system. The internet as a system [ with the various servers and clients thereon as the organisms ] works in a sort of evolutionary fashion. Those servers and clients that survive are the most robust ones, the ones most suited for the environment in which they are placed. The ones that die are the ones that are not fit to survive.

    Indeed, I'd almost postulate that regular viruses--the kind that harm, not the kind that heal--are an important, even vital part of the mix. They are the means by which selection can happen.

    A virus that wanders around patching--making more 'fit'--various systems would change the nature of the system. Those people who put organisms into the system [ computers on the internet ] would not be as concerned with making sure they're capable of surviving "because the virus will take care of it." This means that those who distribute the software would have even less impetus than the already vague 'loss of sales' that they have to make a truly robust, fit, and decently survivable piece of machinery and software than they already do.

    Though an unintended consequence could be a sort of underground open-source community of people writing these things. That could be interesting to watch....sort of a digital "Robin Hood and his Merry Men" idea.

    Granted, my analogy has holes in it [ where do braindead IT managers who insist on insecure OS's come in? ], but I think y'all can see my point.
    Got Root?



    This user powered by Linux.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •