The phony goat gets the worm

Mar 28, 2006

IBM researchers have designed a new way to detect and thwart attacks on computer networks. Code named "Billy Goat," the intrusion detection tool provides both early detection of worm attacks and fewer false alarms than other sensor systems.

The tool masquerades as a collection of servers on a network. Actual servers do not communicate with Billy Goat, but criminals who randomly attack servers are likely to stumble over it. As soon as Billy Goat is attacked, it identifies the attacking systems and fences them off electronically, isolating worms and viruses before they can propagate.

"Billy Goat uses a unique approach to detect malicious software by responding to requests sent to unused IP addresses, presenting what from a worm's-eye view looks like a network full of machines and services," says Dr. James Riordan, the lead designer of the system at IBM's Zurich Research Lab.

"In other words, Billy Goat creates a virtual environment for the worms. Such virtualization, by providing feigned services as well as recording connection attempts, helps Billy Goat trick worms into revealing their identity. This method allows the system to reliably and quickly identify worm-infected machines in a network."

Source: IBM

Explore further: BMW fixes security flaw that exposed 2.2M cars to break-ins

add to favorites email to friend print save as pdf

Related Stories

Galaxy dust findings confound view of early Universe

11 hours ago

What was the Universe like at the beginning of time? How did the Universe come to be the way it is today?—big questions and huge attention paid when scientists attempt answers. So was the early-universe ...

Recommended for you

Airbnb to expand tax collection efforts

Jan 30, 2015

Online lodging operator Airbnb is expanding its efforts to collect local taxes, responding to complaints that it competes unfairly with the hotel sector.

Jay Z to acquire Wimp music service

Jan 30, 2015

US rap star Jay Z will make a $56-million foray into the music streaming business by taking over the Norwegian service Wimp, its shareholders confirmed Friday.

Scientists trial system to improve safety at sea

Jan 30, 2015

A space scientist at the University of Leicester, in collaboration with the New Zealand Defence Technology Agency and DMC International Imaging, has been trialling a concept for using satellite imagery to ...

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.