Computers do 'learn'

Computers do 'learn'

Data is analysed and adjustments made for better security

In computer security, there is one important area which requires more attention from time to time.

Besides the firewall, which is used to prevent bad data from coming into or confidential data from going out of the network, there is a security device called the intrusion detection and protection system (IDPS).

The firewall and the IDPS serve a similar function. They protect the network against bad data. The firewall is like an immigration counter. Its function is to prevent unauthorised "people" from coming into the region, or wanted "people" from going out.

The bad data might bypass the normal route but come into the computer system through unauthorised (such as a Trojan horse), imperfect (such as a thumb drive) or special channel (such as a modem). That's why another level of security device is needed. The IDPS is like the police checking for suspects when they are on the streets, or focusing on protecting an important person. As a result, the firewall and IDPS work together, providing the best defence for the computer network.

So, how does an IDPS work? Just as a police officer usually has some prior information about a suspect, the IDPS possesses advanced detection technologies. One of them, called the Advanced Neural Network, mimics an animal's central nervous system, with a brain and a network that trains neurons to detect trouble.

After the system receives input from outside, that data produces a pattern of behaviour inside the network that the input neurons track. The neurons also add weight, or significance, to the data. The neurons then pass on the details of this significance to another inner layer of neurons. These compare the latest conclusions against those produced by output neurons within the past year.

What's amazing about this process is how the system adjusts the information it "knows" after each process. It compares new behaviour to what has happened before. If this new behaviour suggests something negative is happening, then the data being checked is bad.

Question:

What do firewall and the IDPS have in common?

Answer the question about this story and win fabulous prizes. E-mail your answer, your school name and phone number to yp@scmp.com with "Science" in the subject line.


You might also like:

- A lack of Wi-Fi connections in schools may hinder the development of e-learning in the city.

- Some scientists are now exploring the use of nano-thermometers on thermal therapy, particularly for cancer

- Changing our diet could help guard against cancer

Comments

To post comments please
register or