Scientists from the University of California have published a paper about a technique borrowed from e-commerce that could stop virus attacks by prediction.
The technique, called 'highly predictive blacklisting', used data from past attacks to map out a pattern of the way viruses spread through systems.
Once it recognised suspicious activity, the system coped with the threat by blacklisting the site that delivered the malware.
"We propose a multi-level prediction model that is adjusted and tuned specifically for the attack forecasting problem," said Fabio Soldo, Anh Le and Athina Markopoulou, the authors of the paper, entitled Predictive Blacklisting as an Implicit Recommendation System.
"Our model captures and combines various factors, namely: attacker-victim history (using time-series) and attackers and/or victims interactions (using neighbourhood models)."
The team took Amazon's predictive model as its inspiration, in which customers are recommended books that they may like based on past purchases.
In practice, the team used a Google PageRank-type algorithm to find and block the most common attack vectors.
The researchers tested the system on a dataset of hundreds of millions of security logs collected from hundreds of networks over the course of a month.
The team claimed that the new technique improves on current state-of-the-art blacklisting systems by 70 percent, and that there was plenty of room for improvement.
