Academics Create Automatic Signature Generation Prototype
OAKLAND, Calif.Internet security researchers at two U.S. universities have created a prototype system for the automatic generation of vulnerability signatures, promising a new technique to block exploits from attacking unpatched software vulnerabilities.
In a paper, here in PDF form, presented at the 2006 IEEE (Institute of Electrical and Electronics Engineers) Symposium on Security and Privacy here, academics from the University of Wisconsin-Madison and Carnegie Mellon University say the system can automatically generate a high-quality vulnerability signature using a single exploit.
"We need automatic signature generation techniques because manual signature generation is slow and error prone," said David Brumley, a doctoral student in the computer science department at the Carnegie Mellon University.
Although the research work is highly theoretical and unproven in real world scenarios, anti-malware experts at the conference agree that the speedy generation of signatures to thwart zero-day attacks is even more important in today's environment.
Brumley, who presented the paper on behalf of the two universities, said previously unknown or unpatched vulnerabilities can be exploited faster than a human can respond, especially in cases of worm outbreaks.