
Predicting Malicious Web Attacks

KentuckyFC writes "Recommendation systems attempt to guess what books, movies, or news people are likely to be interested in. Companies such as Amazon, Google, and Netflix have developed algorithms to mine vast databases looking for correlations that they then use to recommend new items. Now a team of computer scientists has used some of the same filtering techniques to predict the origin of malicious Web attacks so that they can be blacklisted in advance. The team mined a database of hundreds of millions of security logs looking for correlations between victims. The correlations were then used to produce a predictive blacklist of potential attackers. The team says its algorithm is up to 70 per cent more successful at predicting the origin of attacks than current state-of-the-art predictive blacklisting."
  • Minority Report (Score:2, Interesting)

    by SilverHatHacker ( 1381259 ) on Tuesday August 18, 2009 @04:19PM (#29110785)
    Wonderful. It's Minority Report for the internet.
    What about false positives? Can they be held responsible for blacklisting an innocent site?
  • by bigredradio ( 631970 ) on Tuesday August 18, 2009 @04:24PM (#29110883) Homepage Journal

    recommendation systems may soon be providing you not only with books and movie tips but a happier surfing experience too

    I am a little weary of making my surfing experience happier by allowing the system to do my thinking for me. Just think, "clippy" for the browser.

  • Re:No doubt useful (Score:3, Interesting)

    by vertinox ( 846076 ) on Tuesday August 18, 2009 @04:36PM (#29111067)

    What is "true security" against the main threat of the modern era: social engineering?

    Social engineering will always be a problem but there is a simple fix. Restrict the user on damage they can do on their own given the worst case circumstances and you will also end up with the same prevention of malware in the process.

    Speaking of which... Why does a web page ever need to communicate with the OS to make file changes to the OS? Why?! Why I ask?!

    This is a flawed premise and will solve 99% of the problems we face with internet security.

    The OS must sandbox the browser and its add-ons between it and the OS.

    In fact... Why stop there... The OS must be sandboxed between it and the user.

    Basically true security is basically giving the users an OS like the iPhone and patting them on the back and saying "have a nice day".

    "But I want to use my legacy apps?" they say...

    "Well I want a pony!" you reply "But you'll just have to deal with a limited OS because we can't have nice things because they keep installing viruses on their machine!"

    How do you protect a user that will click on the user account control pop-up as many times as is required to install that cool "weather forecasting" program that sits in his task tray?

    Require the "weather forecasting" app to submit an approval to a central repository like the iPhone.

    See where I am leading you...

    Seriously... In the future the average user will put up with an OS like the iPhone and they'll be happy because it just works or appears to and the admins of the world will be happy because people aren't screwing things up with bot nets.

    Win7 and IE8 might be a big step in that direction but we'll have to see.
