IBM wants to give the Internet its own autoimmune system.
Researchers at Big Blue's Thomas J. Watson Research Laboratory are adapting artificial intelligence technology that once taught a computer how to play backgammon to root out viral code.
Within a year, researchers hope the AI code will generate an "antidote" and distribute itself to users over the Net.
The virus problem is getting worse. The Net boom has promoted not only the exchange of ideas but also the swapping of code used to make worms, viruses and other malevolent programs. Meanwhile, hundreds of unsuspecting newbies are logging on, only to face possible surprise by an errant file.
"People think of viruses as obvious: you won't know it until you have a problem," said Sarah Gordon, security analyst for Command Software. "They don't see that viruses move decimal points or change a number here and there."
Gregory Sorkin, Steven White and other researchers at the Watson Laboratory saw the need to develop more sophisticated tools to combat the virulent code. Their answer lay in a form of AI that would automate the process of detecting even new, mutated viruses on the fly.
"We hope the machine can do a better job than a human [in detecting new virus]," said Sorkin.
The researchers used "temporal difference," a method of teaching a computer to recognize patterns in code rather than incremental changes in specific lines of code. This top-down view of viruses eliminates the endless strains that anti-viral experts said would bog down an AI system.
Still, AI experts are skeptical of the viability of neural networks in virus detection.
Steven Saltzberg, professor of computer science at Johns Hopkins University, said the temporal difference would enable a computer to predict the future by monitoring changes in its environment over time.
In effect, the computer gains the ability to anticipate viral behavior.
"They could be on to something, but the string matching [virus detection] that is in place today is highly sophisticated," said Saltzberg.
Virsuses aren't the only uses for this technology. IBM's Almaden Research Center is currently alpha testing a search engine based on the Watson Lab's anti-viral detection scheme.
For this technology, searching is broken down into two types - small searches for names and broader searches by people who want to stay abreast of information in their field or learn about a new field.
Prabhakar Raghavan, manager of computer science principles and methods, said IBM is focusing on the latter types of searches for an engine it hopes to have ready for corporate intranets within the next year.
