 |
|
Putting a Korset on the spread of computer viruses
September 10, 2008Anti-virus companies play a losing game. Casting their nets wide, they catch common, malicious viruses and worms (known to the industry as "malware"), but it may take days before their software updates can prepare your computer for the next attack. By then it could be too late. And some insidious programs prove immune to anti-virus software, residing inside your computer for months or even years, collecting personal information and business secrets.
But Prof. Avishai Wool and his graduate student Ohad Ben-Cohen of Tel Aviv University's Faculty of Engineering are taking a different approach. They recently unveiled a unique new program called the "Korset" to stop malware on Linux, the operating system used by the majority of web and email servers worldwide. Prof. Wool's technology puts a new spin on Internet security, and once it reaches its full potential it could put anti-virus software companies out of business. The research was presented at the Black Hat Internet security conference in Las Vegas this summer.
Stopping the Virus Before It Starts
Prof. Wool and Ben-Cohen have built an open-source software solution for servers that run on Linux. "We modified the kernel in the system's operating system so that it monitors and tracks the behavior of the programs installed on it," says Prof. Wool. Essentially, he says, they have built a model that predicts how software running on a server should work.
If the kernel senses abnormal activity, it stops the program from working before malicious actions occur. "When we see a deviation, we know for sure there's something bad going on," Prof. Wool explains.
Prof. Wool also cites the problems with costly anti-virus protection. "Our methods are much more efficient and don't chew up the computer's resources," he says. He adds that his motive is to make the Internet a safer place, not to open a new company to compete with current anti-virus software manufacturers.
Generally speaking, says Prof. Wool, anti-virus companies catch viruses "in the wild" and then send them to isolated computer labs for study. The companies then determine the unique patterns or "signatures" the malware creates. It is this signature that is sent as an anti-virus update to anti-virus subscribers. The problem is that updates take too much time to perfect and then distribute, leaving a wide window of opportunity for computer villains to attack.
"There is an ongoing battle between computer security experts and the phenomenal growth of viruses and network worms flooding the Internet," he continues. "The fundamental problem with viruses remains unsolved and is getting worse every day."
The Expert's Tips on Secure Habits
Even if end-users do everything they can to protect their computers by using anti-virus programs and firewalls, there will always be a period when your computer is vulnerable to attack, says Prof. Wool.
How to stay protected? Never click on links purporting to be from PayPal, your bank or credit card company, he warns. "Most legitimate companies like banks never ask their clients to click on links in an email," he says. "Be suspicious if a company asks you to do this -- access your account through bookmarks you've set up, or directly through the company's homepage."
Securing New Frontiers
Prof. Wool has built a number of useful technologies applicable to both today's and tomorrow's networked world. With his graduate student Danny Nebenzahl, he created a "vaccine" that can protect specific software programs like Microsoft's Outlook against unseen attacks. The basic research published in 2006 is now making its way into mainstream products.
Prof. Wool is also collaborating with Prof. Jacob Scheuer, investigating the use of fiber optics and lasers to strengthen cryptographic tools used in banking and Internet security.
Tel Aviv University
Prof. Wool and Ben-Cohen have built an open-source software solution for servers that run on Linux. "We modified the kernel in the system's operating system so that it monitors and tracks the behavior of the programs installed on it," says Prof. Wool. Essentially, he says, they have built a model that predicts how software running on a server should work.
If the kernel senses abnormal activity, it stops the program from working before malicious actions occur. "When we see a deviation, we know for sure there's something bad going on," Prof. Wool explains.
Prof. Wool also cites the problems with costly anti-virus protection. "Our methods are much more efficient and don't chew up the computer's resources," he says. He adds that his motive is to make the Internet a safer place, not to open a new company to compete with current anti-virus software manufacturers.
Generally speaking, says Prof. Wool, anti-virus companies catch viruses "in the wild" and then send them to isolated computer labs for study. The companies then determine the unique patterns or "signatures" the malware creates. It is this signature that is sent as an anti-virus update to anti-virus subscribers. The problem is that updates take too much time to perfect and then distribute, leaving a wide window of opportunity for computer villains to attack.
"There is an ongoing battle between computer security experts and the phenomenal growth of viruses and network worms flooding the Internet," he continues. "The fundamental problem with viruses remains unsolved and is getting worse every day."
The Expert's Tips on Secure Habits
Even if end-users do everything they can to protect their computers by using anti-virus programs and firewalls, there will always be a period when your computer is vulnerable to attack, says Prof. Wool.
How to stay protected? Never click on links purporting to be from PayPal, your bank or credit card company, he warns. "Most legitimate companies like banks never ask their clients to click on links in an email," he says. "Be suspicious if a company asks you to do this -- access your account through bookmarks you've set up, or directly through the company's homepage."
Securing New Frontiers
Prof. Wool has built a number of useful technologies applicable to both today's and tomorrow's networked world. With his graduate student Danny Nebenzahl, he created a "vaccine" that can protect specific software programs like Microsoft's Outlook against unseen attacks. The basic research published in 2006 is now making its way into mainstream products.
Prof. Wool is also collaborating with Prof. Jacob Scheuer, investigating the use of fiber optics and lasers to strengthen cryptographic tools used in banking and Internet security.
Tel Aviv University
Anti-virus Current Events and Anti-virus News RSSGood code, bad computations: A computer security gray area
If you want to make sure your computer or server is not tricked into undertaking malicious or undesirable behavior, it's not enough to keep bad code out of the system. Two graduate students from UC San Diego's computer science department have just published work showing that the process of building bad programs from good code using "return-oriented programming" can be automated and that this vulnerability applies to multiple computer architectures.
Genetic breakthrough supercharges immunity to flu and other viruses
Researchers at McGill University have discovered a way to boost an organism's natural anti-virus defences, effectively making its cells immune to influenza and other viruses.
Researchers discover new battleground for viruses and immune cells
Vaccines have led to many of the world's greatest public health triumphs, but many deadly viruses, such as HIV, still elude the best efforts of scientists to develop effective vaccines against them.
Iowa State chemists track how drug changes, blocks flu virus
An anti-virus drug attacks influenza A by changing the motion and structure of a proton channel necessary for the virus to infect healthy cells, according to a recently published research paper by two Iowa State University chemists.
Disease-free mosquito bred to disease-carrier can have all disease-free progeny
A decade ago, scientists announced the ability to introduce foreign genes into the mosquito genome. A year ago, scientists announced the successful use of an artificial gene that prevented a virus from replicating within mosquitoes.
New weapons needed for the war on junk email
Today's spam filters are highly effective, but they may be no match for spammers seeking new ways to fool people into visiting commercial websites or downloading rogue software carrying viruses, worms, spyware, or other dangerous applications.
Scientists learn more about how viruses reproduce, spread
Biochemists at Wake Forest University School of Medicine have made a surprising discovery about the inner workings of a powerful virus - a discovery that they hope could one day lead to better vaccines or anti-virus medications.
More Anti-virus Current Events and Anti-virus News Articles
 | Anti-Virus Tools and Techniques for Computer Systems (Advanced Computing and Telecommunications Series) by W. Timothy Polk, John P. Wack, Lawrence E. Bassham, Lisa J. Carnahan |
| FREE AVG ANTI-VIRUS DOWNLOADED MORE THAN ONE MILLION TIMES.: An article from: Computer Security Update by Gale Reference Team This digital document is an article from Computer Security Update, published by Thomson Gale on February 1, 2008. The length of the article is 450 words. The page length shown above is based on a typical 300-word page. The article is delivered in HTML format and is available in your Amazon.com Digital Locker immediately after purchase. You can view it with any web browser.Citation DetailsTitle:... | |
 | Anti-Virus Fur Dummies by G. Wirth |
| IronPort Systems combines Sophos anti-virus, Brightmail anti-spam, and IronPort Reputation Filters.: An article from: Software Industry Report This digital document is an article from Software Industry Report, published by Millin Publishing, Inc. on January 5, 2004. The length of the article is 511 words. The page length shown above is based on a typical 300-word page. The article is delivered in HTML format and is available in your Amazon.com Digital Locker immediately after purchase. You can view it with any web browser.Citation... | |
 | Virus Hunter: Thirty Years of Battling Hot Viruses Around the World by C.J. Peters, Mark Olshaker The commander of the army virology unit that battled the Ebola virus in The Hot Zone--and the current Chief of Special Pathogens at the Centers for Disease Control--teams up with the bestselling coauthor of MindHunter to chronicle his extraordinary thirty-year career fighting deadly viruses.From Central and South America to a deadly outbreak of a mystery virus in the American Southwest, from... |
| Rx PC: The Anti-Virus Handbook/Book and Disk by Janet Endrijonas There's no shortage of software that can help PC users detect and eliminate viruses attacking their computer systems, and "Computer Monthly" columnist Janet Endrijonas reviews several of them in this book - a guide to the best anti-virus programs on the market today. This book gets ailing PCs up and running fast with quick-start user tips for such programs as Virex-PC, Norton AntiVirus, PC-cillin... | |
 | Anti-Virus Solutions: A Comparative Guide |
| IronPort combines Sophos anti-virus, Brightmail anti-spam, and reputation filters.: An article from: EDP Weekly's IT Monitor This digital document is an article from EDP Weekly's IT Monitor, published by Millin Publishing, Inc. on January 5, 2004. The length of the article is 512 words. The page length shown above is based on a typical 300-word page. The article is delivered in HTML format and is available in your Amazon.com Digital Locker immediately after purchase. You can view it with any web browser.Citation... | |
| Additional anti-virus questions answered.(Follow-up): An article from: The Newsletter on Newsletters This digital document is an article from The Newsletter on Newsletters, published by Bradinal Communications on September 15, 2003. The length of the article is 481 words. The page length shown above is based on a typical 300-word page. The article is delivered in HTML format and is available in your Amazon.com Digital Locker immediately after purchase. You can view it with any web... | |
| TCEQ Needs New Anti-Virus: Norton Leaving.(Texas Commission on Environmental Quality ): An article from: Environmental Insider News This digital document is an article from Environmental Insider News, published by Environmental Insider News on May 28, 2005. The length of the article is 3770 words. The page length shown above is based on a typical 300-word page. The article is delivered in HTML format and is available in your Amazon.com Digital Locker immediately after purchase. You can view it with any web browser.Citation... |
| © 2008 BrightSurf.com |