Sunday, March 23, 2008

Intel's Proteus Security Software to Protect by Learning "You"

The problem with a lot of security software is its reliance on signatures to detect malware. If the malware is new, it may bypass the security software. Researchers at Intel Research Berkeley are working on a project called Proteus, which will learn your behavior and detect intrusions based on statistical modeling.

Proteus uses several algorithms to tailor protection based on the habits of a user. For example, the type of security software used by most IT departments has one trigger that looks at Internet traffic from a PC, sending an alarm when a preset threshold is met. A heavy downloader might trigger that alarm accidentally.

The first algorithm uses standard statistical and machine-learning techniques to monitor a person's Internet use and create individualized traffic thresholds, which should prevent false positives. A second algorithm tracks Internet use changes throughout the day since most people, if using a work laptop, will have a different Internet use profile when home than when at work.
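The per-user, per-context thresholding described in the two paragraphs above, as an added example that is not Intel's code or algorithm: median plus a multiple of the median absolute deviation is an assumed stand-in model, and the user names, contexts, traffic figures and the 500 MB/hour global limit are all constructed.

```python
from collections import defaultdict
from statistics import median

GLOBAL_LIMIT_MB = 500  # constructed one-size-fits-all hourly limit

# Constructed history: (user, context, MB transferred in one hour)
HISTORY = (
    [("alice", "work", v) for v in (620, 580, 700, 650, 610, 690, 640)]
    + [("alice", "home", v) for v in (40, 55, 35, 60, 50, 45, 38)]
    + [("bob", "work", v) for v in (12, 18, 15, 20, 14, 16, 13)]
)

def learn_thresholds(history, k=6.0, floor_mb=5.0):
    """Return {(user, context): limit} as median + k * MAD.

    MAD (median absolute deviation) is robust to a few outliers in the
    training window; floor_mb keeps very steady users from getting a
    threshold so tight that normal jitter alarms. Assumed model, not Proteus's.
    """
    buckets = defaultdict(list)
    for user, context, mb in history:
        buckets[(user, context)].append(mb)
    thresholds = {}
    for key, values in buckets.items():
        med = median(values)
        mad = median(abs(v - med) for v in values)
        thresholds[key] = med + k * max(mad, floor_mb)
    return thresholds

def global_alert(mb):
    """The single preset trigger: same limit for every PC."""
    return mb > GLOBAL_LIMIT_MB

def personal_alert(thresholds, user, context, mb):
    """Individualized trigger; unseen user/context falls back to the global limit."""
    return mb > thresholds.get((user, context), GLOBAL_LIMIT_MB)

if __name__ == "__main__":
    limits = learn_thresholds(HISTORY)
    cases = [("alice", "work", 650),  # heavy downloader on a normal day
             ("bob", "work", 300),    # light user with a 20x spike
             ("alice", "home", 300)]  # normal at work, unusual at home
    for user, ctx, mb in cases:
        print(user, ctx, mb, "global:", global_alert(mb),
              "personal:", personal_alert(limits, user, ctx, mb))
```

The fixed limit fails in both directions: it alarms on the heavy downloader's ordinary hour and stays silent on the light user's 20x spike, while the learned limits get both right.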

A final algorithm monitors "calling home" activities for regularity. Such activities are frequently used to coordinate botnets.

Nina Taft, one of the researchers involved in the project, indicated that Intel is interested in getting as much of this security into hardware as possible.

"Intel is interested in getting as much [security] into hardware as possible. It's a good use of [processing] cores, and when things are in hardware, they're harder to tamper with."

While Intel has already tried the system with 350 users and is looking for a wider test deployment, owners of Symantec or McAfee stock needn't panic. Intel believes no one security solution can protect against all possible intrusions. It's just this sort of redundancy that is behind my use of both antivirus and anti-Trojan programs on my systems.

"There are so many different ways to break in," Taft said. "One will need many security checks on a computer."

