Skip to Content

Computer Immunity

Better anti-hacking tools attack invaders.
July 1, 2003

For years computer scientists have dreamed of building computer security software as effective and versatile as the human immune system, which can swiftly overwhelm even intruders it has never seen before. Such a software tool would free programmers from having to anticipate and respond to the changing array of attacks hackers use; instead, it would simply allow a computer to understand its own normal behavior and shut down deviant processes.

Now such systems are finally going commercial. An intrusion prevention system from Sana Security of San Mateo, CA, is protecting private customer data for companies like Smith and Hawken, a catalogue and Internet retailer in Marin County, CA. Smith and Hawken officials say none of the many attempts to infiltrate their computers have succeeded since they began a trial run of Sana’s software in mid-2002, and that hands-on monitoring has been reduced by dozens of hours a week. “I’ve heard the immune system analogy before in the security business, and usually my eyes roll up in my head,” says Eric Ogren, a senior analyst and computer security specialist at Boston technology consultancy the Yankee Group. “What makes Sana unique is the way their software is able to automatically learn.”

In the body, immune cells learn to recognize invaders by assuming that unfamiliar patterns on the surfaces of cells are foreign. Sana’s software, launched commercially in March, uses a similar trick. It learns a computer’s typical pattern of “system calls,” or requests that a program issues to the operating system in order to carry out actions such as reading or writing on a disk. “When someone is using a flaw in a program to gain access to a system, they are typically forcing the system to do something unusual,” says Sana founder and chief scientist Steven Hofmeyr. “Our self’ is really the sequence of normal system calls, and nonself’ is those that are caused when the system is attacked.”

There’s a big incentive to upgrade security: a California law going into effect this summer will require companies to notify-and possibly pay damages to-customers whose private information is exposed through computer breaches. Sana has a handful of competitors, including Hewlett-Packard and IBM, that are also using lessons from human physiology to automate computer security. But considering it took millions of years for immune systems to evolve, it may be a while before the market selects a winner.

Keep Reading

Most Popular

This new data poisoning tool lets artists fight back against generative AI

The tool, called Nightshade, messes up training data in ways that could cause serious damage to image-generating AI models. 

Rogue superintelligence and merging with machines: Inside the mind of OpenAI’s chief scientist

An exclusive conversation with Ilya Sutskever on his fears for the future of AI and why they’ve made him change the focus of his life’s work.

Data analytics reveal real business value

Sophisticated analytics tools mine insights from data, optimizing operational processes across the enterprise.

Driving companywide efficiencies with AI

Advanced AI and ML capabilities revolutionize how administrative and operations tasks are done.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.