AOA Forums AOA Forums AOA Forums Folding For Team 45 AOA Files Home Front Page Become an AOA Subscriber! UserCP Calendar Memberlist FAQ Search Forum Home


Go Back   AOA Forums > Software > Data Security

Data Security Viruses, Firewalls and Safe computing


Reply
 
LinkBack Thread Tools Rate Thread
  #1 (permalink)  
Old 9th February, 2010, 07:51 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

Researchers Develop Code That Stops Local Scanning Worms

In tests, algorithm was an efficient estimator of worm virulence and could determine the size of the susceptible host population after only a few infections...

[Front page...]
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #2 (permalink)  
Old 10th February, 2010, 12:46 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

That's great, but doesn't it require knowledge that an infection has occurred first?
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #3 (permalink)  
Old 10th February, 2010, 08:20 PM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

Can it be use with just the assumption one has an infection Aedan?
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic


Last edited by Daniel ~; 11th February, 2010 at 01:14 AM.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #4 (permalink)  
Old 10th February, 2010, 11:00 PM
PorPorMe's Avatar
Member
 
Join Date: January 2008
Location: Othello, Wa
Posts: 3,207

Quote:
Originally Posted by Daniel ~ View Post
Can it be use with just the assumption on has Aedan?
I know this makes sense if you are the one saying it but it does lose something when trying to read it!
__________________
AOA Team fah


1ST * Asus M5A99FX Pro r 2.0 *AMD FX 8350 Black Edition *Cooler Master MasterLiquid 240 CPU Cooler * Crucial 16g DDR3 * MSI Geforce GTX 1050 * Antec 650w* Thermaltake V9 Case
2nd Asus M5A99fx Pro R2.0 Mainboard *AMD FX 4300 Black edition * l6g Crutial DDR3 * Evga Geforce Gt 730 * Coolermaster Dual fan HSF * 500w Thermaltake PSU * 320g western digital HDD


Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #5 (permalink)  
Old 10th February, 2010, 11:55 PM
Gizmo's Avatar
Chief BBS Administrator
BassTeroids Champion, Global Player Champion, Aim & Fire Champion, Puzzle Maniax Champion, Othello Champion, Canyon Glider Champion, Unicycle Challenge Champion, YetiSports 9: Final Spit Champion, Zed Champion
 
Join Date: May 2003
Location: Webb City, Mo
Posts: 16,178
Send a message via ICQ to Gizmo Send a message via AIM to Gizmo Send a message via MSN to Gizmo Send a message via Yahoo to Gizmo Send a message via Skype™ to Gizmo

If I read the article correctly, it works based on activity thresholds. In other words, you have to have some idea of what 'normal' activity for your network looks like, and then you can use it to quarantine systems that suddenly produce 'abnormal' activity.

Thing is, this kind of tool can be defeated as long as you keep the worm's activity below the threshold. Obviously, this would also slow down the worm, and it's probably easier said than done, but the principle is still valid.
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #6 (permalink)  
Old 11th February, 2010, 01:15 AM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

Quote:
Originally Posted by PorPorMe View Post
I know this makes sense if you are the one saying it but it does lose something when trying to read it!
Mt bad!! Sorry I've corrected my post/question. Thanks PPM!
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #7 (permalink)  
Old 11th February, 2010, 01:16 AM
Daniel ~'s Avatar
Chief BBS Administrator
 
Join Date: September 2001
Location: Seattle Wa.
Posts: 45,606

Quote:
Originally Posted by Gizmo View Post
If I read the article correctly, it works based on activity thresholds. In other words, you have to have some idea of what 'normal' activity for your network looks like, and then you can use it to quarantine systems that suddenly produce 'abnormal' activity.

Thing is, this kind of tool can be defeated as long as you keep the worm's activity below the threshold. Obviously, this would also slow down the worm, and it's probably easier said than done, but the principle is still valid.
Thank you Gizmo!
__________________
"Though all men live in ignorance before mystery,
they need not live in darkness...
Justice is foundation and Mercy ETERNAL
."
DKE

"All that we do is touched by Ocean
Yet we remain on the shore of what we know."
Richard Wilbur

[img]/forum/attachments/random-nonsense/16515-sigs-dan_drag.jpg[/img]
Subscribers! Ask Pitch about a Custom Sig Graphic

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
  #8 (permalink)  
Old 11th February, 2010, 03:13 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

Quote:
Originally Posted by Gizmo View Post
In other words, you have to have some idea of what 'normal' activity for your network looks like, and then you can use it to quarantine systems that suddenly produce 'abnormal' activity.
Given that I've yet to find an organisation that seems to know what 'normal' activity looks like on their networks, I suspect this isn't going to get too far...
__________________
Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply



Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Researchers Develop Semiconducting Nanowires Daniel ~ Random Nonsense! 1 30th November, 2009 10:10 PM
MIT Researchers Develop New Electrolysis Catalyst Material for Making Hydrogen Daniel ~ Random Nonsense! 0 1st August, 2008 05:20 PM
Researchers Develop Quantum Device to Control Single Electron Spin Daniel ~ General Hardware Discussion 3 26th October, 2007 10:33 PM
EU researchers develop new nano-imprinter Gizmo Random Nonsense! 0 9th January, 2007 06:15 PM
8RDA+ Stops on 1d Code w/ ATI 9800 pro Jasonx5213 EPoX MotherBoards 1 15th November, 2003 12:31 AM


All times are GMT +1. The time now is 12:45 PM.


Copyright ©2001 - 2010, AOA Forums
Don't Click Here Don't Click Here Either

Search Engine Friendly URLs by vBSEO 3.3.0