An interesting article has been posted on the InformationWeek website. It lists some of the products that Microsoft Research is currently working on. Most of these systems are developed and tested over several years. Some products are already ready for release (perhaps even included in the Vista operating system); for the rest, no final release dates have been given, but the technologies are of interest in themselves.
MS Research was founded in 1991 with 20 employees and has now grown to 700 people who work in different parts of the world.
Rich Drives, one of the senior managers of MS Research, talks about the most promising developments.
The GhostBuster automatic rootkit detection system was created by the Redmond division of MS Research. This program is unique in that it analyzes and compares system information at different levels: from the highest system level (the Win32 API, for example) to the lowest, reading sectors from the hard disk.
Another interesting development, called Shield Today, is something like an intelligent "add-on" for the firewall that can block potentially harmful traffic immediately after a vulnerability is found in the system, but before the patch closing the hole is released. Tests showed that the system works very effectively: it blocked the exploitation of 98% of the vulnerabilities found in Windows systems over the past two years, including protecting systems against the SQL Slammer worm and against exploitation of a known hole in Windows Meta File.
The SureMail system (PDF), which is being created by Indian developers at Microsoft, should solve the problem of "lost" emails. The study showed that about 1% of all emails on the Internet never reach the addressee. The SureMail system monitors all mail traffic and informs the addressee when a letter sent to them was not received, without disclosing the contents of the letter.
An interesting program, Vigilante, is being created in the Cambridge division of MS Research. This program detects and responds to attacks by previously unknown types of network worms. To detect them, bait servers (honeypots) are placed on the network, which worms should attack first. On these servers, incoming traffic is analyzed, and when a new "infection" is discovered, the program informs security specialists about it.
Another very original technology is being developed by Microsoft to combat phishing. This is a browser add-on that keeps track of all passwords entered by the user on all sites. Information about them (not the passwords themselves) goes to a central node, which analyzes data from millions of users. If the system suddenly finds that users are entering an unusually high number of passwords on a new, previously unknown site, it raises an alarm: the site may have been created by phishers.
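
A sketch of the anti-phishing scheme described above, as an added example and not Microsoft's code. It assumes the add-on keeps only keyed digests of passwords and reports when a password already used elsewhere is typed on another site; the class names, the report format, the threshold and the `.example` domains are hypothetical.

```python
import hashlib
import hmac
from collections import defaultdict

class ClientTracker:
    """Add-on side: remembers a keyed digest of each password, never the password."""
    def __init__(self, user_id, local_key):
        self.user_id = user_id
        self._key = local_key          # per-user secret, never leaves the client
        self._seen = {}                # digest -> domains where it was typed

    def on_password_entered(self, domain, password):
        """Return a report if this password was already typed on another domain."""
        digest = hmac.new(self._key, password.encode(), hashlib.sha256).hexdigest()
        domains = self._seen.setdefault(digest, set())
        reused = bool(domains - {domain})
        domains.add(domain)
        # The report names the user and the site only; no password or digest.
        return {"user": self.user_id, "domain": domain} if reused else None

class CentralNode:
    """Central node: counts distinct users reporting each unknown domain."""
    def __init__(self, known_domains, threshold):
        self.known = set(known_domains)
        self.threshold = threshold
        self._reporters = defaultdict(set)

    def receive(self, report):
        """Record a report; True once enough distinct users flag a new site."""
        domain = report["domain"]
        if domain in self.known:       # long-established sites are ignored
            return False
        self._reporters[domain].add(report["user"])
        return len(self._reporters[domain]) >= self.threshold

def simulate():
    """Constructed scenario: four users retype a password on an unknown site."""
    node = CentralNode({"bank.example", "mail.example"}, threshold=3)
    alarms = []
    for i in range(4):
        client = ClientTracker(f"user{i}", f"key{i}".encode())
        for domain in ("bank.example", "mail.example", "bank-login.example"):
            report = client.on_password_entered(domain, f"pw-{i}")
            if report and node.receive(report) and domain not in alarms:
                alarms.append(domain)
    return alarms

if __name__ == "__main__":
    print(simulate())
```

Counting distinct users rather than raw reports keeps a single client from raising the alarm by itself.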