The phony goat gets the worm

Mar 28, 2006

IBM researchers have designed a new way to detect and thwart attacks on computer networks. Code named "Billy Goat," the intrusion detection tool provides both early detection of worm attacks and fewer false alarms than other sensor systems.

The tool masquerades as a collection of servers on a network. Actual servers do not communicate with Billy Goat, but criminals who randomly attack servers are likely to stumble over it. As soon as Billy Goat is attacked, it identifies the attacking systems and fences them off electronically, isolating worms and viruses before they can propagate.

"Billy Goat uses a unique approach to detect malicious software by responding to requests sent to unused IP addresses, presenting what from a worm's-eye view looks like a network full of machines and services," says Dr. James Riordan, the lead designer of the system at IBM's Zurich Research Lab.

"In other words, Billy Goat creates a virtual environment for the worms. Such virtualization, by providing feigned services as well as recording connection attempts, helps Billy Goat trick worms into revealing their identity. This method allows the system to reliably and quickly identify worm-infected machines in a network."

Source: IBM

Explore further: Researchers discover low-grade nonwoven cotton picks up 50 times own weight of oil

add to favorites email to friend print save as pdf

Related Stories

Google searches hold key to future market crashes

3 hours ago

A team of researchers from Warwick Business School and Boston University have developed a method to automatically identify topics that people search for on Google before subsequent stock market falls.

Recommended for you

Taking great ideas from the lab to the fab

9 hours ago

A "valley of death" is well-known to entrepreneurs—the lull between government funding for research and industry support for prototypes and products. To confront this problem, in 2013 the National Science ...

SR Labs research to expose BadUSB next week in Vegas

9 hours ago

A Berlin-based security research and consulting company will reveal how USB devices can do damage that can conduct two-way malice, from computer to USB or from USB to computer, and can survive traditional ...

US warns retailers on data-stealing malware

11 hours ago

US government cybersecurity watchdogs warned retailers Thursday about malware being circulated that allows hackers to get into computer networks and steal customer data.

User comments : 0