The phony goat gets the worm

Mar 28, 2006

IBM researchers have designed a new way to detect and thwart attacks on computer networks. Code named "Billy Goat," the intrusion detection tool provides both early detection of worm attacks and fewer false alarms than other sensor systems.

The tool masquerades as a collection of servers on a network. Actual servers do not communicate with Billy Goat, but criminals who randomly attack servers are likely to stumble over it. As soon as Billy Goat is attacked, it identifies the attacking systems and fences them off electronically, isolating worms and viruses before they can propagate.

"Billy Goat uses a unique approach to detect malicious software by responding to requests sent to unused IP addresses, presenting what from a worm's-eye view looks like a network full of machines and services," says Dr. James Riordan, the lead designer of the system at IBM's Zurich Research Lab.

"In other words, Billy Goat creates a virtual environment for the worms. Such virtualization, by providing feigned services as well as recording connection attempts, helps Billy Goat trick worms into revealing their identity. This method allows the system to reliably and quickly identify worm-infected machines in a network."

Source: IBM

Explore further: Researchers reverse-engineering China's online censorship methods reveal government's deepest concerns

add to favorites email to friend print save as pdf

Related Stories

Premier FBI cybersquad in Pittsburgh to add agents

8 hours ago

The FBI's premier cybersquad has focused attention on computer-based crime in recent months by helping prosecutors charge five Chinese army intelligence officials with stealing trade secrets from major companies and by snaring ...

Recommended for you

Ahead of Emmys, Netflix already winning online

2 hours ago

Even if it doesn't take home any of the major trophies at Monday's Emmy Awards, Netflix will have already proven itself the top winner in one regard: Internet programming.

US warns shops to watch for customer data hacking

2 hours ago

The US Department of Homeland Security on Friday warned businesses to watch for hackers targeting customer data with malicious computer code like that used against retail giant Target.

Official says hackers hit up to 25,000 US workers

2 hours ago

The internal records of as many as 25,000 Homeland Security Department employees were exposed during a recent computer break-in at a federal contractor that handles security clearances, an agency official said Friday.

Oregon sues Oracle over failed health care website

12 hours ago

Oregon Attorney General Ellen Rosenblum says she's filed a lawsuit against Oracle Corp. and several of its executives over the technology company's role in the state's troubled health insurance exchange.

Google buys product design firm Gecko

12 hours ago

Google on Friday confirmed that it bought Gecko Design to bolster its lab devoted to technology-advancing projects such as self-driving cars and Internet-linked Glass eyewear.

User comments : 0