Patricia Moat, a student at Binghamton University, has discovered a new way to stop malware right in its tracks. This young American student is pursuing a doctorate in Computer Engineering and says that her invention may prevent all kinds of future cyber attacks.
Patricia isn't talking about run-of-the-mill hacks and malware but about big-time intrusions such as Stuxnet and Zeus, and about opening up a whole new way for present-day security software to operate. She says that it can prevent cyber attacks against planes and power plants. Her system takes a very different approach to sniffing out malware or malicious system attacks. The antivirus and anti-malware systems in use today sift through computer hard drives looking for malicious software. Her system will instead look for abnormal communication within the computer itself: it will detect and log the communications that take place when an application talks to the operating system. This way her system can be on constant lookout for abnormal communications and block the responsible piece of software from executing its code.
The US Government is taking Moat seriously and is helping her with funding through the Air Force Office of Scientific Research. They are now researching her system, which scans “system calls”, i.e. communications between applications and a computer’s operating system, such as Windows. This means that the system being developed can defend against attacks that other methods, such as antivirus or anti-malware scanning, can’t.
Patricia Moat stated on the Binghamton blog, “This is like catching an intruder coming into your house. And it excites me to do something most people have never done.” She is being helped by her supervisor, Victor Skormin. Skormin says that spotting ‘abnormal’ calls can be key to stopping all future cyber disasters. He cites examples from diverse fields, such as planes misdirected to land short of a runway or power grids robbed of electricity, as reported by Homeland Security Newswire.
“Actually, it’s a war taking place in cyberspace, and it requires many different weapons and defenses,” Skormin says. “There are many existing attacks that our application works against very successfully.”
If successful, Moat and Skormin’s technology will monitor all the signals sent between applications and the operating system. System calls happen constantly, such as when an application accesses files, but the technology looks for abnormal calls by comparing a system’s behavior with its state of “normalcy”. This could be a groundbreaking experiment in the fight against cyber crime.
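The article does not say how Moat and Skormin's system models "normalcy". As an added illustration, not their code, the Python below uses one long-established approach to the same idea: record every short run of consecutive system calls seen during normal operation, then flag a trace when too many of its runs were never seen. The traces, the window size of 3 and the 20% threshold are constructed assumptions.

```python
from collections import deque

def ngrams(trace, n):
    """Yield every run of n consecutive system calls in a trace."""
    window = deque(maxlen=n)
    for call in trace:
        window.append(call)
        if len(window) == n:
            yield tuple(window)

def build_baseline(normal_traces, n=3):
    """Collect the call runs observed while the application behaves normally."""
    baseline = set()
    for trace in normal_traces:
        baseline.update(ngrams(trace, n))
    return baseline

def score_trace(trace, baseline, n=3):
    """Return (fraction of runs not in the baseline, [(position, run), ...])."""
    unseen, total = [], 0
    for position, run in enumerate(ngrams(trace, n)):
        total += 1
        if run not in baseline:
            unseen.append((position, run))
    # A trace shorter than n has no runs to judge, so it scores 0.0.
    return (len(unseen) / total if total else 0.0), unseen

def is_abnormal(trace, baseline, n=3, threshold=0.2):
    """Flag a trace whose share of never-seen runs exceeds the threshold."""
    rate, _ = score_trace(trace, baseline, n)
    return rate > threshold

# Constructed sample data: call names only, arguments ignored.
NORMAL_TRACES = [
    ["open", "read", "read", "close", "open", "write", "close"],
    ["open", "read", "close", "open", "read", "read", "close"],
]
BASELINE = build_baseline(NORMAL_TRACES)

# Same file activity in a new order: every run was seen during training.
FAMILIAR = ["open", "read", "read", "close", "open", "read", "close"]
# Network calls the application never made while the baseline was recorded.
UNFAMILIAR = ["open", "read", "close", "socket", "connect", "write", "close"]

if __name__ == "__main__":
    for name, trace in (("familiar", FAMILIAR), ("unfamiliar", UNFAMILIAR)):
        rate, unseen = score_trace(trace, BASELINE)
        print(f"{name}: {rate:.0%} unseen, abnormal={is_abnormal(trace, BASELINE)}")
        for position, run in unseen:
            print(f"  call #{position}: {' -> '.join(run)}")
```

A baseline this small would flag any legitimate behaviour it had not yet observed; in practice the training traces have to cover the application's full normal workload before the threshold means anything.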