Friday, March 21, 2008

Intel's Smart Security Watches You, Distinguishes Your Behavior From an Attacker's [Security]

Source: http://feeds.gawker.com/~r/gizmodo/full/~3/255530321/intels-smart-security-watches-you-distinguishes-your-behavior-from-an-attackers

Intel's Proteus security software starts out by getting to know you better—understanding your habits and network demands—and then uses those statistical guidelines to clamp down on stuff that, let's face it, doesn't really sound like You. At least, not the You that Proteus has grown to love. This kind of learning really helps when trying to protect company-owned portables: Not surprisingly, typical behavior at work and typical behavior at home turn out to be two very different things.

Many security programs simply trigger an alarm when bandwidth demands exceed a certain point. They can be dumb, and might not know that it was you who wanted to download four movies at once, or send picture e-mail to 100,000 of your closest friends. This thing sees what you're doing and how you're doing it, and can safely say more frequently that some bizarre behavior is acceptable—though maybe not to your boss.

The software also watches for regular pings to computers across the net. By seeing not just the location but determining the intervals of the calls "home," Proteus can even figure out which malware is in use.
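The interval analysis described above can be sketched as follows. This is an added example, not Intel's or Proteus's code; the connection log, the thresholds, and the interval profiles are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample log: (unix_seconds, destination) for one laptop's outbound connections.
_JITTER = [0, 2, -1, 3, 0, -2, 1, 0]
CONNECTIONS = (
    [(1000 + 300 * i + j, "203.0.113.7") for i, j in enumerate(_JITTER)]   # ~300 s timer
    + [(t, "198.51.100.20") for t in (1010, 1025, 1400, 1405, 2900, 2950, 3000)]  # user-driven
    + [(t, "192.0.2.9") for t in (1500, 1800)]                              # too few events
)

def intervals_by_destination(connections):
    """Group timestamps per destination and return the gaps between consecutive calls."""
    times = defaultdict(list)
    for ts, dst in connections:
        times[dst].append(ts)
    gaps = {}
    for dst, stamps in times.items():
        stamps.sort()
        gaps[dst] = [b - a for a, b in zip(stamps, stamps[1:])]
    return gaps

def find_beacons(connections, min_events=6, max_cv=0.1):
    """Return {destination: mean_interval} where calls arrive at near-constant intervals.

    Regularity is measured by the coefficient of variation (stddev / mean) of the gaps;
    human-driven traffic is bursty and scores high, a timer-driven check-in scores near 0.
    """
    beacons = {}
    for dst, gaps in intervals_by_destination(connections).items():
        if len(gaps) + 1 < min_events:
            continue  # not enough observations to call anything periodic
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_cv:
            beacons[dst] = avg
    return beacons

# Hypothetical interval profiles; names and values are placeholders, not real malware data.
KNOWN_PROFILES = {"family-A (placeholder)": 60, "family-B (placeholder)": 300}

def match_profile(interval, profiles=KNOWN_PROFILES, tolerance=0.05):
    """Return the profile whose expected interval is within tolerance, else None."""
    for name, expected in profiles.items():
        if abs(interval - expected) <= tolerance * expected:
            return name
    return None

if __name__ == "__main__":
    for dst, interval in find_beacons(CONNECTIONS).items():
        print(dst, interval, match_profile(interval))
```
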

The reason this is so effective is that it differentiates systems that otherwise look identical. Corporate laptops all look the same, software-wise, right? If someone can crack one, they can crack them all. If Proteus gets deployed, hackers have a much harder time with the old virtual B&E. Even if, say, a spambot were in place, it would have to know when each user would typically be in the mood for more bandwidth in order to fool Proteus.

Since this comes from Intel, word is that the company is trying to figure out a way to hardwire this stuff right into the chips, rather than let it be some subscription program that pops up every so often to scare you with over-the-top allegations of your system's vulnerability. [Technology Review]