http://news.zdnet.co.uk/story/0,,t269-s2094843,00.html Saturday 8th September 2001 Mark Street, IT Week New online tool uses AI to mimic hackers, but some experts question how effective it can really be UK firm ProCheckUp has developed an online tool to expose network security flaws by using artificial intelligence (AI) to mimic the actions of a hacker. However, experts question how successful the software will be at detecting security holes. Using an AI knowledge base, automated Web agents, protocol specialist programs, flaw verification and four levels of internal error correction, the ProCheckNet tool can bypass commercial intrusion-detection systems, penetrate firewalls, and evaluate the vulnerability of systems to denial of service (DoS) attacks, said the company. The tool then produces a report that alerts managers to potential security flaws and offers advice on how to fix them. Richard Brain, technical director of ProCheckUp, said that the tool was designed to provide a better alternative to scanners, which he said had become outdated. "They were largely developed in the mid-1990s," he said. "Protocols have grown a lot more complex since then. Our tool builds up a profile on a targeted server and refines its attacks." Commenting on the new tool, Graham Fisher of analyst firm Bloor Research argued that a better way for companies to secure their systems against malicious attacks would be to employ the services of an ethical hacker. Fisher said it was unlikely that ProCheckNet could be trained to work with all operating systems and platforms, and said that it would offer only a limited service if it could. "You would also need to question the quality of the knowledge base that has gone into this," said Fisher. "Hacking is not like playing chess, which is made up of a number of finites. It sounds like they are trying to model the infinite." - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Sep 10 2001 - 00:28:19 PDT