|
Virtual Time Machine May Foil Hackers |
|
|
"Not only can we turn back the clock on an attack to undo the damage, we can also go back to any point during the attack to observe exactly how the intruder breached the system," says University of Michigan computer-science professor Peter Chen.
By Mike Martin
NewsFactor Sci::Tech
Part of the NewsFactor Network
Posted May 31, 2003
Traveling back in time may be the way to thwart hack attacks, say computer scientists at the University of Michigan. Losses from computer crime are soaring -- already approaching the US$2 billion mark, according to industry experts -- and the end is not in sight. Computer hackers, however, drop few clues at their crime scenes, leaving security experts and system administrators with slim options for accurate detection.
Using a time machine to watch the crime unfold and nail the perps red-handed may sound like an outlandish Hollywood movie plot, but going back to stop a hack is precisely what Peter Chen has in mind.
"What we have created is a way to turn back time -- at least from a computing perspective -- and watch history unfold exactly as it did before," said Chen, an associate professor of electrical engineering and computer science at the University of Michigan. "Not only can we turn back the clock on an attack to undo the damage, we can also go back to any point during the attack to observe exactly how the intruder breached the system."
Several commercial products can record all changes made to a hard drive, allowing users to restore their systems to a previous backup point, Chen told NewsFactor. None of these products, Chen added, allow system administrators to replay an intruder's actions step by sneaky step.
Products that log not only hard-drive alterations but also hacker interactions might answer questions about vulnerabilities the hacker exploited to break into the system -- and what took place while the intruder had access. Chen's solution -- a "virtual machine" aptly named "ReVirt" -- hides the system's actual hardware and operating system while running a "guest" operating system that handles applications and interacts with users.
By creating this additional abstraction layer and forcing users to interact with a guest operating system, ReVirt logs all events at both the operating system and virtual machine level without showing its digital hand.
| |
|
Article continues...
News Factor |
 | |
|
|
|
 |
| "Virtual Time Machine May Foil Hackers" | Login/Create an Account | 0 comments |
|
| | The comments are owned by the poster. We aren't responsible for their content. |
|
|
|
No Comments Allowed for Anonymous, please register |
|
| |
|
Login |
|
 |
|
|
|
|
· New User? · Click here to create a registered account.
|
|
|
Article Rating |
|
|
|
|
|
|
Average Score: 4
Votes: 2
|
|
|
