嘿嘿视频

Computers unite in low-cost fight against worms

Thanks to an ingenious new strategy devised by 嘿嘿视频 and Intel Corp. researchers, computer network administrators might soon be able to mount effective, low-cost defenses against self-propagating infectious programs known as worms.

Many computers are already equipped with software that can detect when another computer is attempting to attack it. Yet the software usually cannot identify newly minted worms that do not share features with earlier marauders.

When network managers detect suspicious activity, they face a major dilemma, said Senthil Cheetancheri, who led efforts to develop the strategy. 鈥淭he question is, 鈥楽hould I shut down the network and risk losing business for a couple of hours for what could be a false alarm, or should I keep it running and risk getting infected?鈥欌

Cheetancheri, a graduate student in the Computer Security Laboratory at 嘿嘿视频 when he did the work, showed that the conundrum can be overcome by enabling computers to share information about anomalous activity. As signals come in from other machines in the network, each computer compiles the data to continually calculate the probability that a worm attack is under way.

鈥淥ne suspicious activity in a network with 100 computers can鈥檛 tell you much,鈥 he said. 鈥淏ut when you see half a dozen activities and counting, you know that something鈥檚 happening.鈥

The second part of the strategy is an algorithm that weighs the cost of a computer鈥檚 being disconnected from the network against the cost of it being infected by a worm.

The study appeared in 鈥淩ecent Advances in Intrusion Detection, 2008,鈥 the proceedings of a symposium that was held in Cambridge, Mass., last September.

嘿嘿视频-affiliated researchers who worked with Cheetancheri on the study: Jeff Rowe, research scientist in the Computer Security Laboratory; and computer science professors Karl Levitt and Felix Wu.

Media Resources

Dave Jones, Dateline, 530-752-6556, dljones@ucdavis.edu

Primary Category

Tags