New Intel Security Can Tell You and Malicious Attacker Apart

Intel's Proteus security software starts out by getting to know you better—understanding your habits and network demands—using those statistical guidelines to clamp down on stuff that, let's face it, doesn't really sound like You. At least, not the You that Proteus has grown to love. This kind of learning really helps when trying to protect company-owned portables: Not surprisingly, typical behavior at work and typical behavior at home turn out to be two very different things.

Many security programs simply trigger an alarm when bandwidth demands exceed a certain point. They can be dumb, and might not know that it was you who wanted to download four movies at once, or send picture e-mail to 100,000 of your closest friends. This thing sees what you're doing and how you're doing it, and can safely say more frequently that some bizarre behavior is acceptable—though maybe not to your boss.

The software also watches for regular pings to computers across the net. By seeing not just the location but determining the intervals of the calls "home," Proteus can even figure out which malware is in use.

The reason this is so effective is that it differentiates systems that otherwise look identical. Corporate laptops all look the same, software wise, right? If someone can crack one, they can crack them all. If Proteus gets deployed, hackers have a much harder time with the old virtual B&E. Even when, say, a spambot was in place, it would have to know when each user would typically be in the mood for more bandwidth in order to fool Proteus.

Since this comes from Intel, word is that the company is trying to figure out a way to hardwire this stuff right into the chips, rather than let it be some subscription program that pops up every so often to scare you with over-the-top allegations of your system's vulnerability. [Technology Review]