Skip to Content

Computer Immunity

Better anti-hacking tools attack invaders.
July 1, 2003

For years computer scientists have dreamed of building computer security software as effective and versatile as the human immune system, which can swiftly overwhelm even intruders it has never seen before. Such a software tool would free programmers from having to anticipate and respond to the changing array of attacks hackers use; instead, it would simply allow a computer to understand its own normal behavior and shut down deviant processes.

Now such systems are finally going commercial. An intrusion prevention system from Sana Security of San Mateo, CA, is protecting private customer data for companies like Smith and Hawken, a catalogue and Internet retailer in Marin County, CA. Smith and Hawken officials say none of the many attempts to infiltrate their computers have succeeded since they began a trial run of Sana’s software in mid-2002, and that hands-on monitoring has been reduced by dozens of hours a week. “I’ve heard the immune system analogy before in the security business, and usually my eyes roll up in my head,” says Eric Ogren, a senior analyst and computer security specialist at Boston technology consultancy the Yankee Group. “What makes Sana unique is the way their software is able to automatically learn.”

In the body, immune cells learn to recognize invaders by assuming that unfamiliar patterns on the surfaces of cells are foreign. Sana’s software, launched commercially in March, uses a similar trick. It learns a computer’s typical pattern of “system calls,” or requests that a program issues to the operating system in order to carry out actions such as reading or writing on a disk. “When someone is using a flaw in a program to gain access to a system, they are typically forcing the system to do something unusual,” says Sana founder and chief scientist Steven Hofmeyr. “Our self’ is really the sequence of normal system calls, and nonself’ is those that are caused when the system is attacked.”

There’s a big incentive to upgrade security: a California law going into effect this summer will require companies to notify-and possibly pay damages to-customers whose private information is exposed through computer breaches. Sana has a handful of competitors, including Hewlett-Packard and IBM, that are also using lessons from human physiology to automate computer security. But considering it took millions of years for immune systems to evolve, it may be a while before the market selects a winner.

Keep Reading

Most Popular

Workers disinfect the street outside Shijiazhuang Railway Station
Workers disinfect the street outside Shijiazhuang Railway Station

Why China is still obsessed with disinfecting everything

Most public health bodies dealing with covid have long since moved on from the idea of surface transmission. China’s didn’t—and that helps it control the narrative about the disease’s origins and danger.

individual aging affects covid outcomes concept
individual aging affects covid outcomes concept

Anti-aging drugs are being tested as a way to treat covid

Drugs that rejuvenate our immune systems and make us biologically younger could help protect us from the disease’s worst effects.

Europe's AI Act concept
Europe's AI Act concept

A quick guide to the most important AI law you’ve never heard of

The European Union is planning new legislation aimed at curbing the worst harms associated with artificial intelligence.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.