News

Microsoft has shown off some forward-looking technologies during a research road show , including new ways to protect users from worms and to identify Web spam.

Other technologies included a tool to add metadata to digital pictures to make them easier to find, technology to improve the use of large displays with Windows, and a system that can create summaries of news stories by scanning several stories on the same subject.

Microsoft researcher, Helen Wang, detailed a proposed shield technology for protecting computers between the time a software vulnerability is disclosed and the time a patch is made available and applied.

Microsoft's top executives have mentioned the technology in speeches, but the company so far had provided little detail.

Regular software updates have been unable to prevent Internet worm attacks such as last year's Slammer and Blaster. Both exploited known vulnerabilities in Microsoft software; Slammer in Microsoft SQL Server 2000 and Blaster in Windows XP and Windows 2000.

A shield was basically an application-specific firewall that is updated with vulnerability-specific data, Wang said. It would protect computers against worm attacks by examining network traffic and taking action if malicious traffic was detected. Vulnerability signatures would be distributed much like antivirus signatures were today, she said.

Users had been slow to patch systems because updates need to be tested.

“The shield is not disruptive, much easier to test for side effects and easily reversible,” Wang said. “These features allow a shield to be automatically installed, unlike software patches.”

While Wang had seen a lot of interest from Microsoft's product groups in the shield technology, she said there were no concrete product plans. Microsoft is currently working on Longhorn, the next version of its Windows client, as well as releases of SQL Server and Windows Server 2003. All could potentially benefit from shield technology.

Fighting spam is another priority at Microsoft. While most of the emphasis has been on spam in email, Microsoft's researchers showed an application of statistical analysis to identify what Microsoft calls Web spam.

“A spam Web page is a page that exists only to misdirect traffic from a search engine,” Microsoft technologist, Dennis Fetterly, said.

Many of the spam Web pages try to sell users porn, software, or financial services, and aim for high rankings in search engines, he said.

Web spam can be identified by looking at the tactics used by the owners of such websites to trick search engines. Microsoft is tracking how many domain names point to the same website, the length of domain names and the number of links to the same site on a Web page, among other things, Fetterly said.

By analysing the data, likely spam pages can be pinpointed. These could then be excluded from a search engine or placed lower on a search results page, Fetterly said.

The Web spam page could be of use for Microsoft's MSN team, which is working to launch a new Web search service later this year to compete with Google.

Fetterly would not confirm if MSN plans to use the technology.