Author

Topic: Antibodies (Read 1833 times)

sr. member
Activity: 240
Merit: 250
Don't mind me.
March 15, 2012, 07:49:19 PM
#16
p2pwn?
legendary
Activity: 1918
Merit: 1570
Bitcoin: An Idea Worth Spending
March 15, 2012, 07:18:00 PM
#15
Not sure what you mean, the scan results are only viewable on the network and not by the end-user?
I may be in over my head here, but I was trying to think of a way to limit what info is broadcast to other peers on the network. For example, I would not want my directory structure to be viewable to other peers.

Same here (see bold above), but allow me to suggest branding this idea with something better than antibodies.

~Bruno~
legendary
Activity: 1272
Merit: 1012
howdy
March 15, 2012, 05:42:31 PM
#14
That would be one big ass block file for all the viruses out there. Really good idea though.
legendary
Activity: 947
Merit: 1042
Hamster ate my bitcoin
March 15, 2012, 02:28:57 PM
#13
Not sure what you mean, the scan results are only viewable on the network and not by the end-user?
I may be in over my head here, but I was trying to think of a way to limit what info is broadcast to other peers on the network. For example, I would not want my directory structure to be viewable to other peers.

Peers only exchange antibodies not system info.
legendary
Activity: 3066
Merit: 1147
The revolution will be monetized!
March 15, 2012, 02:04:50 PM
#12
Not sure what you mean, the scan results are only viewable on the network and not by the end-user?
I may be in over my head here, but I was trying to think of a way to limit what info is broadcast to other peers on the network. For example, I would not want my directory structure to be viewable to other peers.
legendary
Activity: 947
Merit: 1042
Hamster ate my bitcoin
March 15, 2012, 01:58:08 PM
#11
Could it be an issue if you have a list of open ports and ip addresses that the Antibodies would be hooked up to, and one buffer overflow later, you got yourself a premade botnet ready to roll?

No, antibodies run inside a script engine that only has safe read bindings.

It can only look and tell user what it see's.
sr. member
Activity: 240
Merit: 250
Don't mind me.
March 15, 2012, 01:48:10 PM
#10
Could it be an issue if you have a list of open ports and ip addresses that the Antibodies would be hooked up to, and one buffer overflow later, you got yourself a premade botnet ready to roll?
donator
Activity: 305
Merit: 250
March 15, 2012, 01:47:18 PM
#9
Not sure what you mean, the scan results are only viewable on the network and not by the end-user?
legendary
Activity: 3066
Merit: 1147
The revolution will be monetized!
March 15, 2012, 01:32:43 PM
#8
Nice idea, but I see several issues.  Like you mentioned, differentiating between good/bad is tough.  Even our own immune system has issues with it, hence the multitude of auto-immune diseases.  Also, I doubt many people are going to let a p2p software scan their system even if it is just read-only. 
Hmmm. true. Perhaps the scan can be preformed with only the results viewable on the network? 
donator
Activity: 305
Merit: 250
March 15, 2012, 01:27:46 PM
#7
Nice idea, but I see several issues.  Like you mentioned, differentiating between good/bad is tough.  Even our own immune system has issues with it, hence the multitude of auto-immune diseases.  Also, I doubt many people are going to let a p2p software scan their system even if it is just read-only. 
legendary
Activity: 947
Merit: 1042
Hamster ate my bitcoin
March 15, 2012, 12:44:46 PM
#6
Finding a good way to determine good from bad antibodies is definitely the crux of the problem here.

legendary
Activity: 1330
Merit: 1000
March 15, 2012, 12:05:51 PM
#5
Maybe you could track the antibodies in a block-chain.  Design it so that only those who have access to the virus in question can hash it and vote on whether the antibody is valid or a false positive.  Mining the block chain and voting on antibodies then replaces your anti-virus subscription.
legendary
Activity: 3066
Merit: 1147
The revolution will be monetized!
March 15, 2012, 09:44:22 AM
#4
I like the sound of this. Anti-virus companies take time to update virus definitions, but a p2p one, we could potentially mark a file as a virus, that could be new, though we need some proof-of-virus algorithm.
Yeah, that's a good point about "proof-of-virus". Legitimate programs are flagged as viri all the time, even bitcoin. But the overall idea is kinda cool, and just the sort of task that could work in a crowd sourcing environment. 
legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
March 15, 2012, 09:39:40 AM
#3
I like the sound of this. Anti-virus companies take time to update virus definitions, but a p2p one, we could potentially mark a file as a virus, that could be new, though we need some proof-of-virus algorithm.
sr. member
Activity: 240
Merit: 250
Don't mind me.
March 15, 2012, 09:22:00 AM
#2
Seems like it works on paper, but you'd probably create a bigger monster if someone found a way to spike the network.
legendary
Activity: 947
Merit: 1042
Hamster ate my bitcoin
March 15, 2012, 09:14:49 AM
#1
I am floating an idea here to asses its merit. Its unrelated to bitcoin but is p2p.

The idea is called Antibodies (p2p antivirus).

An antibody in this context is a package of data containing information, name/author/... , and most importantly a script.

The antibody client connects to a p2p network that share's its antibodies with other nodes.

Antibodies are prioritized and run in the background. They have only got read access to the memory/filesystem of local system. They can also send a message to the user such as "Warning, this system is infected with a virus!".

And if you have the skills you can publish your own antibody.

Obviously there would be the potential for spammy antibodies but the network would have a degree of resiliency to this as you can choose to mark an antibody as 'BAD' and this information is shared across the network.
Jump to: