Tuesday, January 21, 2003

Software aims to snare hackers

By Ben Dobbin
The Associated Press

BUFFALO, N.Y. - A suspected crooked insider at a New York software company sells consumer-credit reports to identity thieves, at roughly $30 a pop, in a high-tech scam that prosecutors say victimizes thousands.

An unemployed British computer administrator fights extradition to face federal charges in Virginia and New Jersey that he hacked into 92 separate U.S. military and government networks, often getting past easy-to-guess passwords to download sensitive data.

These and other recent data intrusions, whose authors are typically intent on theft, sabotage or cyberterrorism, have given rise to a promising profiling-and-reasoning strategy aimed at preventing online break-ins as they happen.

Just as authorities use profiling to guard against criminals at ports and borders, researchers at the State University of New York at Buffalo are developing software that can generate highly personalized profiles of network users by analyzing the sequences of commands entered at each computer terminal.

The system - a prototype is likely to be ready for intensive testing this summer - could provide a high-grade layer of protection for networks that require especially tight monitoring.

The "user-level anomaly detection" software draws up regularly updated profiles by closely tracking over time how each person performs an array of routine tasks.

Designed to tell if someone has strayed into an unauthorized zone or is masquerading as an employee using a stolen password, the program keeps watch for even subtle deviations in behavior, monitoring them, and reporting to network administrators.

Conference takes aim at spam
Software aims to snare hackers
More Technology News

Hritz new president of AK Steel
Tristate Summary

Endowments drop at U.S. universities
Magic Johnson promotes HIV drug
War fears prompt overseas slide
Foreman savors grilling success
Disney settles 'whistle-blower' suit
Bush official: Party not payoff