Washington, September 10 : Tel Aviv University researchers have written a unique software program called the 'Korset' that can stop computer viruses from wreaking havoc on the servers running on Linux, the operating system used by the majority of web and email servers worldwide.
Avishai Wool, a professor in the university's Faculty of Engineering, says that the new software can predict how any insidious program residing inside a computer for months or years after developing immunity to anti-virus solutions should behave in the future.
This advance is significant because most anti-virus companies often take days before their software updates can prepare one's computer for the next attack.
"We modified the kernel in the system's operating system so that it monitors and tracks the behaviour of the programs installed on it," says Prof. Wool, who carried out this project with his graduate student Ohad Ben-Cohen.
"When we see a deviation, we know for sure there's something bad going on," he adds.
As to how the new program can be more beneficial than the costly anti-virus protection, he states: "Our methods are much more efficient and don't chew up the computer's resources,"
However, Prof. Wool has made it clear that his motive is to make the Internet a safer place, and not to open a new company to compete with current anti-virus software manufacturers. Generally, anti-virus companies catch viruses "in the wild", send them to isolated computer labs for study, and then determine the unique patterns or "signatures" the malware creates. It is this signature that is sent as an anti-virus update to anti-virus subscribers.
The problem is that updates take too much time to perfect and then distribute, leaving a wide window of opportunity for computer villains to attack.
"There is an ongoing battle between computer security experts and the phenomenal growth of viruses and network worms flooding the Internet. The fundamental problem with viruses remains unsolved and is getting worse every day," says Prof. Wool.
He believes that even if end-users do everything they can to protect their computers, such as using anti-virus programs and firewalls, there will always be a period when your computer is vulnerable to attack.
He says that computer users can ensure protection by not clicking on the links that purport to be from PayPal, banks or credit card companies.
"Most legitimate companies like banks never ask their clients to click on links in an email. Be suspicious if a company asks you to do this -- access your account through bookmarks you've set up, or directly through the company's homepage," he says.
A presentation on the model software was made at the Black Hat Internet security conference in Las Vegas this summer.