Three researchers are working on a new method of detecting malicious code. The approach is basically based on mimicking ant behavior. So far it is in a development stage but has already identified a worm that was purposely introduced into a network of computers. The so called digital ants depend on agents so called "sentinels" installed on each machine, which in report back to so called "sergeants" on the network that are monitored by humans.
According to an article on Physorg.com the system only works in large networks where computers have the same build. Which means: If an "ant" sees a deviation from the standard build it will alert others to inspect what it could be. Just that it does not happen in real-time. Most infections require to act fast (i.e. a keyboard logger are sending your credit card data across as you type). Also the number of ants is concerning...the researches already planning on having 3,000 different type of ants. Is this another signature based approach?
Again a technology that only works in large networks/clouds. What about the typical corporation that has a sales force with laptops that randomly connects to check just email?
Here is the article - Ants vs worms: New computer security mimics nature
1SSA - Security Consulting, Training and Products
skip to main |
skip to sidebar
Solutions that protect your assets and people in a changing world
The latest news around Information Security from various sources.
Solutions that protect your assets and people in a changing world
Who is reading
Search This Blog
Security News Digest
Posts
Subscribe Email
Digg & Twitter
 |
Disclaimer
Links to third party Web sites on this Site are provided solely as a convenience to you. If you use these links, you will leave this Site. 1SSA has not reviewed all of these third party sites and does not control and is not responsible for any of these sites or their content. Thus, 1SSA does not endorse or make any representations about them, or any information, software or other products or materials found there, or any results that may be obtained from using them. If you decide to access any of the third party sites linked to this Site, you do this entirely at your own risk.
References/Quotes/Copyright
It is hereby granted to Copy/Link/Quote material found on the 1SSA Blog, but only(!) when a reference to the 1SSA site or this blog is being made.
References/Quotes/Copyright
It is hereby granted to Copy/Link/Quote material found on the 1SSA Blog, but only(!) when a reference to the 1SSA site or this blog is being made.