carpe decorum

All I Want for Xmas

Here is my wishlist for Christmas: hardware that stops viruses cold. A Washington University professor, John Lockwood, and his graduate students developed Hardware to detect Malware. According to Lockwood:

The FPX uses several patented technologies in order to scan for the signatures of malware quickly. Unlike existing network intrusion systems, the FPX uses hardware, not software, to scan data quickly. The FPX can scan each and every byte of every data packet transmitted through a network at a rate of 2.4 billion bits per second. In other words, the FPX could scan every word in the entire works of Shakespeare in about 1/60th of a second.

The article, New system halts malware explains:

Lockwood's group has developed and implemented circuits that process the Internet protocol (IP) packets directly in hardware. They have also developed several circuits that rapidly scan streams of data for strings or regular expressions in order to find the signatures of malware carried within the payload of Internet packets. [Lockwood said:]

On the FPX, the reconfigurable hardware can be dynamically reconfigured over the network to search for new attack patterns. Should a new Internet worm or virus be detected, multiple FPX devices can be immediately programmed to search for their signatures.

Each FPX device then filters traffic passing over the network, so that it can immediately quarantine a virus or Internet worms within sub networks (subnets). By just installing a few such devices between subnets, a single device can protect thousands of users. By installing multiple devices at key locations throughout a network, large networks can be protected.

Best of all, this smartly treats not just the technological problem of keeping viri and their ilk at bay, but the human factor as well. FPX shifts anti-virus efforts back to those who maintain computers, rather than depending on an idealized user who patches their system and never follows a questionable link.