Set your sights on compromised networks

A New York University professor believes that CIOs worried about security are often shortsighted when only concerned about intrusion detection and prevention from the outside.

Instead, said Nasir Memon, professor of Computer Science and Engineering at the Polytechnic Institute of NYU, CIOs should start dealing with the computers on their networks that have already been compromised. Memon has developed a new system that assumes there is malware inside networks.

"Intrusion prevention is not enough. You have to be watching inside your network very carefully and looking for infections," he told CIO.com.

The professor's program, known as INFER, uses sensors deployed next to routers and switches to passively monitor network traffic and summarize it.

"The moment the attacker starts doing things with a compromised machine, it will start showing footprints on the network. That's what we want to focus on," Memon told CIO.com.

For more on dealing with compromised networks:
- check out this CIO.com article

Related Articles:
Your website isn't safe
A good year for tech security firms
Inventor: SSL security woes are really the fault of browser design