posted by Thom Holwerda on Thu 27th Jan 2011 22:15 UTC, submitted by jimmy1971
Icon"Researchers at North Carolina State University have developed a method to restore a computer operating system to its former state if it is attacked. [...] The concept involves taking a snapshot of the operating system at strategic points in time (such as system calls or interrupts), when it is functioning normally and, then, if the operating system is attacked, to erase everything that was done since the last 'good' snapshot was taken - effectively going back in time to before the operating system attack. The mechanism also allows the operating system to identify the source of the attack and isolate it, so that the operating system will no longer be vulnerable to attacks from that application. The idea of detecting attacks and resetting a system to a safe state is a well-known technique for restoring a system's normal functions after a failure, but this is the first time researchers have developed a system that also incorporates the security fault isolation component. This critical component prevents the operating system from succumbing to the same attack repeatedly."
e p (0)    4 Comment(s)

Technology White Papers

See More