Billy Goats Gruff Gets the Worm Out
turbotodd 100000388Y Visits (2034)
So it goes with Internet worms and viruses (or, if you prefer, virii), except this time around, the mean old troll has been replaced by Billy Big Blue as we work to help our customers separate the bad goats from the good with our new "Billy Goat" technology.
This new intrusion detection innovation helps prevent and analyze hacker attacks using a novel tool that helps provide early detection of worm attacks while greatly reducing false alarms (or, to co-opt another folk tale, reducing those incidences of your system "crying wolf"!) As soon as Billy Goat is attacked, it identifies the attacking systems and fences them off, helping isolate worms and viruses before they can propagate.
Take that, you evil worms!
Beard Entirely Optional
Why is such an intelligent intervention so important? One of the greatest threats to Internet security has come from automatic, self-propagating attacks (like worms.) These attacks often scan networked servers completely at random, until they are successful at placing a harmful program on a server using a maliciously crafted request. That program then can use that server as a home base from which to attack other servers...and so on...and so on...which leads to exponential growth of the number of attacks and, ultimately, overloaded servers...then network failure...then, hang out the "Closed for Business" sign.
In these cases, systems administrators have often had a huge strain put on them during such attacks, making one of the key criteria of an effective intrusion system reducing the "noise," or high rate of false alarms. The Billy Goat technology helps minimize those alarms through the use of a novel architecture that combines an extensive view of the network, spoofed service interaction with potential attackers, and a clear focus on detecting automated attacks. That way, major security problems can be more readily identified before they occur.
The Billy Goat technology is being made available through IBM's On Demand Innovation Services (ODIS), the partnership between IBM Research and Business Consulting Services (BCS), to help our customers tap into the deep technical expertise of IBM Research along with the business insight of IBM's consultants. The ODIS team offers security and privacy services related to biometrics, digital rights management, identity management, intrusion prevention, privacy protection and secure systems.
You can go here to learn more about the Billy Goat...and to help you get the worm out the hole instead of digging a deeper hole.