A Botwall Can Protect Your Bank from Pharmers
Written by Randolph Gradeham, Oasis Security Consulting   

Bank IT security managers have a plethora of tools available to protect their banks’ information technology and critical data. These tools include the venerable network firewall, intrusion-detection systems, anti-virus tools, and spyware detection applications. However, industry security analysts now recommend that financial institutions expand their networks’ defensive perimeters to include a botwall that targets in-house micro-computers that have been turned into zombies controlled by hackers. Analysts emphasize that U.S. banks and thrifts need to wall off cyber robots (bots) with appliances that sit inside the bank’s data center and work with systems deployed at their Internet service providers and third-party technology partners. This network architecture, when properly configured, can yield a botwall network designed to identify and shut down dangerous and malicious bots.

Industry security advisers note that each botwall runs a virtual victim machine (VVM) configuration, which includes software that feigns susceptibility to a hacker’s zombie ruse. The VVM technology works by capturing suspicious network traffic that passes through the bank’s network firewall and analyzing it for malware. This analysis is completed by each botwall that has been configured on the bank’s network, in combination with those off-network botwalls deployed by the bank’s service providers. Analysts further claim that the botwalls can quickly determine whether network traffic is dangerous and whether to let it through or shut down any data emanating from the source domain. Other security actions can be taken at this time as well.

Fire Eye Inc., a Menlo Park, California security specialist firm, has recently developed two botwall models. One model can handle network traffic up to 200 megabits per second, and the other can handle volumes up to 1 gigabit per second. Just this month, Fire Eye’s management released a new botwall model that can process data moving at between 5 gigabits per second and 8 gigabits per second. Pricing for these botwall tools starts at $10,000.

Reducing False Positives. Systems development teams within the financial institutions industry are often under pressure to get their new security code into production as soon as possible. What often hinders this process is analysis tools that report security problems in source code that do not actually exist. To combat this ongoing problem, technologists at San Francisco-based Coverity, Inc. have developed an add-on tool which includes a mathematical technique known as satisfiability. The company’s primary product, the SAT False Path Pruning Solver, eliminates places in C, C++, and Java code where defects are infeasible, thereby reducing the false positive rate to as low as five percent. Coverity management plans to reduce these false positive statistics with a new module to be released this quarter which targets buffer, string, and integer overflow problems. Detailed pricing for Coverity’s Prevent SQS product is available at www.coverity.com.
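The idea behind satisfiability-based pruning can be shown in a few lines. The following is an added illustration, not Coverity's code or algorithm: a small DPLL solver checks whether the branch conditions along a reported path can all hold at once, and reports on contradictory paths are dropped. The predicates, program facts and report names are constructed for the example.

```python
"""Constructed illustration of SAT-based false path pruning (not vendor code)."""

def dpll(clauses, assignment=()):
    """Return a satisfying tuple of literals, or None if the CNF is unsatisfiable."""
    simplified = []
    for clause in clauses:
        if any(lit in assignment for lit in clause):
            continue  # clause already satisfied by the current assignment
        rest = [lit for lit in clause if -lit not in assignment]
        if not rest:
            return None  # every literal falsified: this path is contradictory
        simplified.append(rest)
    if not simplified:
        return assignment
    # Prefer a forced (unit) literal; otherwise branch on the first literal.
    unit = next((c[0] for c in simplified if len(c) == 1), None)
    if unit is not None:
        return dpll(simplified, assignment + (unit,))
    lit = simplified[0][0]
    return dpll(simplified, assignment + (lit,)) or dpll(simplified, assignment + (-lit,))

# Constructed predicates for a C-like fragment:
#   1 = "p == NULL"      2 = "flag != 0"
# The analysed code sets flag = (p == NULL), so flag <-> (p == NULL).
PROGRAM_FACTS = [[-1, 2], [1, -2]]

# Each raw report lists the conditions the defect path needs (constructed sample).
REPORTS = {
    "NULL deref of p in else-branch of if (flag)": [[1], [-2]],
    "NULL deref of p in then-branch of if (flag)": [[1], [2]],
}

def prune(reports, facts):
    """Split reports into (kept, pruned) by feasibility of their path condition."""
    kept, pruned = [], []
    for name, path in reports.items():
        feasible = dpll(facts + path) is not None
        (kept if feasible else pruned).append(name)
    return kept, pruned

if __name__ == "__main__":
    kept, pruned = prune(REPORTS, PROGRAM_FACTS)
    print("kept:  ", kept)
    print("pruned:", pruned)
```
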

Keystrokes Can Improve Security. BioPassword, Inc., an Issaquah, Washington biometrics technology company, recently shipped the 4.0 Enterprise Edition of its eponymous log-in software. Its keystroke dynamics feature provides biometric assurance that a user is who they say they are or, more precisely, who they type they are. This recent upgrade improves the accuracy of identifying users through their typing techniques to approximately 99.2 percent. Management claims that this level of accuracy is equivalent to a fingerprint as a means of authentication.

This product release also includes support for the Citrix Access Gateway VPN. BioPassword currently integrates with Microsoft’s Active Directory to authenticate Windows clients. Later this year, management will add support for Apple Macintosh and Linux users as well as standard LDAP directories.

Because the software knows how users type their usernames and passwords, the software can be utilized to identify who is sharing their passwords with other unauthorized individuals. If a user has a hand injury or is experiencing some malady that affects their typical typing pattern, BioPassword can offer challenge questions to verify and authenticate the log-in process.

A perpetual license for the Enterprise Edition of BioPassword starts at $50 per user. BioPassword’s security and fraud prevention product line for the financial institutions industry can be viewed at www.biopassword.com.
