Thursday, October 15, 2015

Program Anomaly Detection Approach Detectiion Software Prototype Developed at Virginia Tech

Imagine millions of lines of instructions. Then try and picture how one extremely tiny anomaly could be found in almost real-time and prevent a cyber security attack.

Called a "program anomaly detection approach," a trio of Virginia Tech computer scientists has tested their innovation against many real-world attacks.

One type of attack is when an adversary is able to remotely access a computer, bypassing authentication such as a login screen. A second example of attack is called heap feng shui where attackers hijack the control of a browser by manipulating its memory layout. Another example of attack is called directory harvesting where spammers interact with vulnerable mail servers to steal valid email addresses.

The prototype developed by the Virginia Tech scientists proved to be effective and reliable at these types of attacks with a false positive rate as low as 0.01 percent.

No comments: