Topic: Antibodies (Read 1813 times)
p2pwn?
Not sure what you mean, the scan results are only viewable on the network and not by the end-user?
I may be in over my head here, but I was trying to think of a way to limit what info is broadcast to other peers on the network. For example, I would not want my directory structure to be viewable to other peers. Same here (see bold above), but allow me to suggest branding this idea with something better than antibodies.
~Bruno~
That would be one big ass block file for all the viruses out there. Really good idea though.
Not sure what you mean, the scan results are only viewable on the network and not by the end-user?
I may be in over my head here, but I was trying to think of a way to limit what info is broadcast to other peers on the network. For example, I would not want my directory structure to be viewable to other peers. Peers only exchange antibodies not system info.
Not sure what you mean, the scan results are only viewable on the network and not by the end-user?
I may be in over my head here, but I was trying to think of a way to limit what info is broadcast to other peers on the network. For example, I would not want my directory structure to be viewable to other peers. Could it be an issue if you have a list of open ports and ip addresses that the Antibodies would be hooked up to, and one buffer overflow later, you got yourself a premade botnet ready to roll?
No, antibodies run inside a script engine that only has safe read bindings.
It can only look and tell user what it see's.
Could it be an issue if you have a list of open ports and ip addresses that the Antibodies would be hooked up to, and one buffer overflow later, you got yourself a premade botnet ready to roll?
Not sure what you mean, the scan results are only viewable on the network and not by the end-user?
Nice idea, but I see several issues. Like you mentioned, differentiating between good/bad is tough. Even our own immune system has issues with it, hence the multitude of auto-immune diseases. Also, I doubt many people are going to let a p2p software scan their system even if it is just read-only.
Hmmm. true. Perhaps the scan can be preformed with only the results viewable on the network?
Nice idea, but I see several issues. Like you mentioned, differentiating between good/bad is tough. Even our own immune system has issues with it, hence the multitude of auto-immune diseases. Also, I doubt many people are going to let a p2p software scan their system even if it is just read-only.
Finding a good way to determine good from bad antibodies is definitely the crux of the problem here.
Maybe you could track the antibodies in a block-chain. Design it so that only those who have access to the virus in question can hash it and vote on whether the antibody is valid or a false positive. Mining the block chain and voting on antibodies then replaces your anti-virus subscription.
I like the sound of this. Anti-virus companies take time to update virus definitions, but a p2p one, we could potentially mark a file as a virus, that could be new, though we need some proof-of-virus algorithm.
Yeah, that's a good point about "proof-of-virus". Legitimate programs are flagged as viri all the time, even bitcoin. But the overall idea is kinda cool, and just the sort of task that could work in a crowd sourcing environment. legendary
Activity: 1862
Merit: 1011
Reverse engineer from time to time
I like the sound of this. Anti-virus companies take time to update virus definitions, but a p2p one, we could potentially mark a file as a virus, that could be new, though we need some proof-of-virus algorithm.
Seems like it works on paper, but you'd probably create a bigger monster if someone found a way to spike the network.
I am floating an idea here to asses its merit. Its unrelated to bitcoin but is p2p.
The idea is called Antibodies (p2p antivirus).
An antibody in this context is a package of data containing information, name/author/... , and most importantly a script.
The antibody client connects to a p2p network that share's its antibodies with other nodes.
Antibodies are prioritized and run in the background. They have only got read access to the memory/filesystem of local system. They can also send a message to the user such as "Warning, this system is infected with a virus!".
And if you have the skills you can publish your own antibody.
Obviously there would be the potential for spammy antibodies but the network would have a degree of resiliency to this as you can choose to mark an antibody as 'BAD' and this information is shared across the network.
The idea is called Antibodies (p2p antivirus).
An antibody in this context is a package of data containing information, name/author/... , and most importantly a script.
The antibody client connects to a p2p network that share's its antibodies with other nodes.
Antibodies are prioritized and run in the background. They have only got read access to the memory/filesystem of local system. They can also send a message to the user such as "Warning, this system is infected with a virus!".
And if you have the skills you can publish your own antibody.
Obviously there would be the potential for spammy antibodies but the network would have a degree of resiliency to this as you can choose to mark an antibody as 'BAD' and this information is shared across the network.
Jump to: