IBM Previews Intrusion Detection Software

ZDNet reports that IBM has expanded its security services with the formal unveiling of its intrusion-prevention offering.

The new feature, part of IBM's On Demand Innovation Services (ODIS), is Big Blue's latest effort to capture a bigger slice of the IT security market. Last month, the company debuted its Identity Manager Express security software.

IBM's intrusion-detection tool aims to monitor worm attacks and reduce false positives, or instances in which legitimate actions are classified as malicious intrusions. Among its features, the tool presents dummy postings of server activity that are designed to lure attackers into scanning the servers.

The detection tool then responds to the attacker in an effort to trick the attacking worm into revealing its identity. With the identity in hand, the tool also aims to reduce the number of false positive readings on legitimate actions.

"This is different than a regular honeypot that just traps the virus," said Steven Tomasco, an IBM spokesman. "The tool does not just trap it. It responds to it, so the worm will have to reveal its identity and there will be less false positives."

Other ODIS security features include biometrics, digital rights management and identity management.