January 15, 2009

Researchers punt peer-to-peer zero-day security

The software gathers data about anomalous behaviour

By Jason Stamper

Academic researchers supported by Intel have come up with a method that could lead to a new way of defending networked assets against zero-day malware attacks.

The scheme works by having peer systems share information about anomalous activity, and then prioritising a process of remediation that causes the least business impact.

The work to develop new intrusion detection procedures has been carried out by researchers at the University of California’s Davis Computer Security Laboratory.

According to reports first published in Science Daily, the system relies on an algorithm that weighs the cost of a computer being disconnected from the network against the cost of it being infected by a worm.

“Results of this ongoing process depend on the calculated probability of an attack, and on what the machine is used for. The algorithm triggers a toggle to disconnect the computer whenever the cost of infection outweighs the benefit of staying online, and vice versa.”

The software is designed to interact with existing personal firewalls and intrusion detection systems to gather data about anomalous behaviour.

A system used to process sales orders, say, would be automatically disconnected from the network only if an attack were certain, whereas a PC being used in a warehouse or store room might be quarantined as soon as the security software suspected a potential malware attack.
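The toggle described above can be sketched as follows. This is an added illustration, not the researchers' code. The Bayesian combination of peer reports, the detector rates, the prior and the cost figures are all constructed assumptions.

```python
from dataclasses import dataclass

# Assumed peer-detector characteristics (constructed, not from the research).
TPR = 0.7   # P(peer reports an anomaly | a worm is spreading)
FPR = 0.1   # P(peer reports an anomaly | no worm)


def update(prior: float, alert: bool) -> float:
    """Bayes update of P(attack) from one peer report (alert or all-clear)."""
    like_attack = TPR if alert else 1 - TPR
    like_benign = FPR if alert else 1 - FPR
    num = like_attack * prior
    return num / (num + like_benign * (1 - prior))


@dataclass
class Host:
    name: str
    infection_cost: float  # loss if the worm reaches this host
    offline_cost: float    # loss from being cut off from the network

    def should_disconnect(self, p_attack: float) -> bool:
        # Disconnect only while the expected infection loss exceeds the
        # cost of going offline; reconnect as soon as it no longer does.
        return p_attack * self.infection_cost > self.offline_cost


def simulate(host: Host, reports: list[bool], prior: float = 0.01) -> list[bool]:
    """Return the connected/disconnected decision after each peer report."""
    p, decisions = prior, []
    for alert in reports:
        p = update(p, alert)
        decisions.append(host.should_disconnect(p))
    return decisions


# Constructed hosts: going offline is expensive for the order system, cheap for the PC.
SALES = Host("sales-orders", infection_cost=100, offline_cost=95)
WAREHOUSE = Host("warehouse-pc", infection_cost=100, offline_cost=5)
# Constructed report stream: four peer alerts, then six all-clear reports.
REPORTS = [True] * 4 + [False] * 6

if __name__ == "__main__":
    for host in (SALES, WAREHOUSE):
        print(host.name, simulate(host, REPORTS))
```

With these numbers the warehouse PC is quarantined after the first peer alert, while the sales system stays online until the estimated attack probability passes 95%, and reconnects as soon as an all-clear pulls it back under.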


Senthil Cheetancheri, who led the efforts and has been working for several years on the use of automated reasoning in co-operative cyber defence, is said to be with SonicWall now.
