Computer technicians are fighting a losing battle against marauding systems viruses, research indicates.
The way viruses are being fought is fundamentally flawed, New Scientist magazine said. Viruses are spreading faster than the speed at which antivirus patches can be distributed, according to experts at computer giant Hewlett-Packard in Bristol.
By the time antivirus software catches up, the damage has already been done. Most antivirus software works by identifying unique characteristics or patterns in the computer code that makes up a virus. Once identified, this "signature" is distributed to everyone who has bought the antivirus software. But the strategy means knowing what the virus looks like before taking action against it.
The new research is the first to evaluate how effective this approach is. The Hewlett-Packard team, led by Matthew Williamson, constructed a computer model to mimic the way in which viruses spread and were tackled by antivirus software.
Williamson found that even if a signature is available from the moment a virus is released, it cannot stop a virus spreading if it propagates fast enough. And the current crop of resistant viruses, such as Slammer and MSBlaster, fit into this category.
What emerged clearly from the model was that code to combat these viruses cannot be distributed fast enough. Antivirus software checks for updates no more than once an hour. Yet too many checks may be perceived as an attack.
"When Slammer struck in January, 78,000 machines were infected in half an hour. That's before anyone's pager went off," said Williamson.
Another problem with a signature-based approach was that it clogged up the system. Every e-mail had to be scanned for every virus that has ever existed, and the list now extended to tens of thousands.
Hewlett-Packard is investigating a new technique called "virus throttling" which controls the amount of network traffic flowing in and out of a PC.
The system examines every packet of information traveling out of a PC to determine whether it is likely to be spreading a virus.
Suspect packets are blocked. Throttling sets a limit on the number of connections a virus attempts with other computers from hundreds per second to one a second, drastically reducing its ability to spread.
McAfee Avert in Amsterdam is developing another strategy using a set of loose rules and probabilities to spot suspect code. However, it tends to sound false alarms. Marius van Oers, a research engineer at McAfee Avert, said:
"Customers don't want any false positives. It can cause panic,"he said.
RETHINK? The defense ministry and Navy Command Headquarters could take over the indigenous submarine project and change its production timeline, a source said Admiral Huang Shu-kuang’s (黃曙光) resignation as head of the Indigenous Submarine Program and as a member of the National Security Council could affect the production of submarines, a source said yesterday. Huang in a statement last night said he had decided to resign due to national security concerns while expressing the hope that it would put a stop to political wrangling that only undermines the advancement of the nation’s defense capabilities. Taiwan People’s Party Legislator Vivian Huang (黃珊珊) yesterday said that the admiral, her older brother, felt it was time for him to step down and that he had completed what he
Taiwan has experienced its most significant improvement in the QS World University Rankings by Subject, data provided on Sunday by international higher education analyst Quacquarelli Symonds (QS) showed. Compared with last year’s edition of the rankings, which measure academic excellence and influence, Taiwanese universities made great improvements in the H Index metric, which evaluates research productivity and its impact, with a notable 30 percent increase overall, QS said. Taiwanese universities also made notable progress in the Citations per Paper metric, which measures the impact of research, achieving a 13 percent increase. Taiwanese universities gained 10 percent in Academic Reputation, but declined 18 percent
UNDER DISCUSSION: The combatant command would integrate fast attack boat and anti-ship missile groups to defend waters closest to the coastline, a source said The military could establish a new combatant command as early as 2026, which would be tasked with defending Taiwan’s territorial waters 24 nautical miles (44.4km) from the nation’s coastline, a source familiar with the matter said yesterday. The new command, which would fall under the Naval Command Headquarters, would be led by a vice admiral and integrate existing fast attack boat and anti-ship missile groups, along with the Naval Maritime Surveillance and Reconnaissance Command, said the source, who asked to remain anonymous. It could be launched by 2026, but details are being discussed and no final timetable has been announced, the source
BULLY TACTICS: Beijing has continued its incursions into Taiwan’s airspace even as Xi Jinping talked about Taiwan being part of the Chinese family and nation China should stop its coercion of Taiwan and respect mainstream public opinion in Taiwan about sovereignty if its expression of goodwill is genuine, the Ministry of Foreign Affairs (MOFA) said yesterday. Ministry spokesman Jeff Liu (劉永健) made the comment in response to media queries about a meeting between former president Ma Ying-jeou (馬英九) and Chinese President Xi Jinping (習近平) the previous day. Ma voiced support for the so-called “1992 consensus,” while Xi said that although the two sides of the Taiwan Strait have “different systems,” this does not change the fact that they are “part of the same country,” and that “external