Skip to Content

Computer Immunity

Better anti-hacking tools attack invaders.
July 1, 2003

For years computer scientists have dreamed of building computer security software as effective and versatile as the human immune system, which can swiftly overwhelm even intruders it has never seen before. Such a software tool would free programmers from having to anticipate and respond to the changing array of attacks hackers use; instead, it would simply allow a computer to understand its own normal behavior and shut down deviant processes.

Now such systems are finally going commercial. An intrusion prevention system from Sana Security of San Mateo, CA, is protecting private customer data for companies like Smith and Hawken, a catalogue and Internet retailer in Marin County, CA. Smith and Hawken officials say none of the many attempts to infiltrate their computers have succeeded since they began a trial run of Sana’s software in mid-2002, and that hands-on monitoring has been reduced by dozens of hours a week. “I’ve heard the immune system analogy before in the security business, and usually my eyes roll up in my head,” says Eric Ogren, a senior analyst and computer security specialist at Boston technology consultancy the Yankee Group. “What makes Sana unique is the way their software is able to automatically learn.”

In the body, immune cells learn to recognize invaders by assuming that unfamiliar patterns on the surfaces of cells are foreign. Sana’s software, launched commercially in March, uses a similar trick. It learns a computer’s typical pattern of “system calls,” or requests that a program issues to the operating system in order to carry out actions such as reading or writing on a disk. “When someone is using a flaw in a program to gain access to a system, they are typically forcing the system to do something unusual,” says Sana founder and chief scientist Steven Hofmeyr. “Our self’ is really the sequence of normal system calls, and nonself’ is those that are caused when the system is attacked.”

There’s a big incentive to upgrade security: a California law going into effect this summer will require companies to notify-and possibly pay damages to-customers whose private information is exposed through computer breaches. Sana has a handful of competitors, including Hewlett-Packard and IBM, that are also using lessons from human physiology to automate computer security. But considering it took millions of years for immune systems to evolve, it may be a while before the market selects a winner.

Keep Reading

Most Popular

A Roomba recorded a woman on the toilet. How did screenshots end up on Facebook?

Robot vacuum companies say your images are safe, but a sprawling global supply chain for data from our devices creates risk.

A startup says it’s begun releasing particles into the atmosphere, in an effort to tweak the climate

Make Sunsets is already attempting to earn revenue for geoengineering, a move likely to provoke widespread criticism.

10 Breakthrough Technologies 2023

Every year, we pick the 10 technologies that matter the most right now. We look for advances that will have a big impact on our lives and break down why they matter.

The viral AI avatar app Lensa undressed me—without my consent

My avatars were cartoonishly pornified, while my male colleagues got to be astronauts, explorers, and inventors.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at with a list of newsletters you’d like to receive.