- FBI warns Hit Man e-mail scammer back
- 20 tech habits to improve your life
- Industry mourns slain Cisco exec
- 10 Firefox add-ons for better browsing
- Wireless LANs face scaling challenges
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
The scientific field of biology has provided many useful metaphors, such as “virus” and “infection,” for the study of malware. Many researchers have used biology and evolution science to create innovative defenses against malware, in many ways simulating the functions of biological immunity systems. I find that biological sciences and especially evolution provide some great insights into the behavior of malware, malware creators and malware defenses over longer periods of time. I also see a lot of parallels between the evolution of malware and the evolution of darknets (stealthy peer-to-peer, or P2P, networks).
Looking at how malware has evolved over time, you can see many of the same effects we see in nature. The key evolutionary concept that we see is the continuous adaptation of malware to its environment. It’s not an "arms race" as much as it is a predator-prey relationship between malware and antimalware. Similarly in P2P darknets, there is a predator-prey relationship between P2P and the forces of censorship or copyright police.
If you think of the universe of computers as the environment in which malware exists, you can see how changes in that environment cause adaptations in the malware. Both the environment and the malware itself are directed by intelligent actors (hackers and security researchers) rather than random mutation, but the evolutionary progress is quite evident. As defenses have become more sophisticated, malware has adapted. As malware becomes more stealthy, defenses have adapted.
In this back-and forth we have to consider how the actions of security researchers create evolutionary pressures and environmental niches for new malware. A few weeks back we examined the issue of security monocultures. If all defenses are identical, then they are also predictable. As a result they are easier to bypass. Just like an army of clones, our operating systems are all susceptible to the exact same attacks (for the most part). But while the targets are very similar, the attacks are extremely varied. Malware mutations (variants) are multiplying at incredible rates and are currently estimated to be between 300,000 and 500,000, depending on the antimalware vendor you ask. So lots of different "nasties" but only a few different variations of immunity. No wonder so many systems get compromised every year.
Rss FeedRss Feed
Aging network systems and old habits have dictated how businesses spend their IT budgets. As a...
Implementing HA at the Enterprise Data Center Edge to Connect to a Large Number of Branch OfficesThis paper reviews the problem of creating a network where the dynamic availability of services is...
Enterprise Data Center Network Reference ArchitectureUsing a High Performance Network Backbone to Meet the Requirements of the Modern Enterprise Data...
The standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...
Stay out of the headlines: Detecting and preventing network intrusionsHow do YOU stay out of the headlines? There is no denying that risk exists in our computer-driven...
We have so many holes punched in our firewalls today that many industry insiders question the value...
IP address management in 2008 - six things to knowRead this Network World Special Brief to learn how Enterprise IT managers must update their...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.
Download the white paper.
Unauthorized applications: Taking back control
Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?
Download the white paper.
Comments (2)
Nature's best lessonBy ru_trustified on March 3, 2008, 11:35 amWhat biology teaches us is that prevention is better than having to cure. What systems need is a good prophylactic! :)
Reply | Read entire comment
Nature's lessonsBy ru_trustified on March 3, 2008, 10:30 amThe best lesson learned from biology for systems is to practice prevention and avoid infection. What systems need is a good prophylactic.:)
Reply | Read entire comment
View all comments