Sign In

Communications of the ACM

ACM TechNews

Internet 'Immune System' Could Block Viruses


View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook

Credit: iStockphoto

A system that fights highly infectious computer viruses by embedding defense mechanisms in key parts of the Internet has been developed by University of North Carolina at Chapel Hill researcher Scott Coull and Rensselaer Polytechnic Institute professor Boleslaw Szymanski.

The modus operandi of computer worm infection is malware scanning the Internet for vulnerable computers and transferring itself to those systems. Coull and Szymanski say the isolation of worms entails coaxing the Internet's core computers or autonomous systems to collaborate, and each system is managed by an Internet service provider.

In their model, the researchers imbued each system with the ability to spot a compromised computer, which may announce itself by making a series of random requests to link to other computers, the majority of which will fail. Once a threat within the autonomous system's network is detected, the system stops receiving and forwarding messages from the infected computer, and also notifies its peer autonomous systems about the identity of the threat. Upon the recognition of a genuine threat, all autonomous systems can contain the compromised computer or computers and halt the worm's spread.

Coull and Szymanski's model indicates that the viability of this strategy depends on cooperation between about 30%–35% of the autonomous systems in the Internet. Collaboration and trust between the ISPs running the systems would be essential, Coull says.

From New Scientist
View Full Article

 

Abstracts Copyright © 2009 Information Inc., Bethesda, Maryland, USA


 

No entries found