Click here to close now.

Welcome!

AJAX & REA Authors: AppDynamics Blog, Elizabeth White, Trevor Parsons, VictorOps Blog, Plutora Blog

News Feed Item

Independent Georgia Tech Study Reveals Best Ways to Tell Customers "You're Botted"

SAN FRANCISCO, CA -- (Marketwire) -- 02/20/13 -- A bot believed to have netted $14 million in illicit profits has been turned into a golden learning opportunity, yielding important insights into how the online community can best alert and assist customers with infected systems. Georgia Tech researchers on Tuesday announced the results of a study based on the industry's response to the DNS Changer Trojan and shared recommendations to help curb future malware outbreaks at a presentation during the M3AAWG 27th General Meeting in San Francisco.

The DNS Changer Remediation Study identified phone calls, billing notices and redirecting users to customized Web pages among the most effective methods to notify customers that their systems were infected. Researchers Wei Meng and Ruian Duan, working under the supervision of Georgia Tech School of Computer Science Professor Wenke Lee, also found that "active" social media warnings were useful for enabling remediation. With this approach, sites such as Google directly informed users they were infected through their browser windows, a tactic that proved to be more effective in motivating users to disinfect their systems than passive warnings issued in general posts or news articles on social media platforms.

"Social media can have an important role to play in alerting users to infections in their systems and in stemming malware outbreaks. We believe in the importance of implementing active, direct notifications earlier in the process," Lee said.

The researchers looked at both various types of end-user alerts and network operators' efforts to help customers disinfect their systems, including using walled gardens, DNS redirection, anti-virus software and malware removal tools. Part of the challenge facing the industry from bots is determining how to notify users their systems have been compromised in a timely and credible manner, then assisting non-technical customers in remediating those machines, according to M3AAWG Co-Chairman Michael O'Reirdan.

O'Reirdan said, "The industry's response to the DNS Changer malware clearly showed how well competitors and vendors can work together when users' safety is on the line. It also was an extraordinary opportunity to objectively study the different approaches companies have developed to assist customers and to understand the important role each of us plays in safeguarding the online experience. The active involvement of anti-malware and security tool vendors, social media platforms, law enforcement, operating system vendors and home networking technology vendors has been shown to be crucial. In the end, it takes the entire Internet ecosystem working together to protect end-users."

The data used in the study to determine infection and cleanup rates was provided anonymously from major ISPs around the world through the DNS Changer Working Group (DCWG) to the research team at the Georgia Tech Information Security Center (GTISC). To identify the different types of notification and mediation techniques used, the researchers sent questionnaires asking network operators how they had alerted customers who were infected with the DNS Changer malware and the specifics around the remediation efforts employed by each ISP to assist customers in cleaning their machines. An ISP that did not take any action in response to the malware became the baseline for measuring the effectiveness of the other approaches, according to Lee.

From 2007 to 2011, the DNS Changer Trojan hijacked Internet searches and re-routed the Web browsers of infected computers to fraudulent sites using the rogue DNS servers operated by the Rove Digital advertising network. However, if the rogue DNS servers had been turned off when the allegedly responsible Estonians were arrested, infected end-users would not have been able to reach the Web. The DCWG was a group formed to assist law enforcement in dealing with the potential end-user issues arising from the law enforcement action. The DCWG also helped operate and monitor the "clean" DNS servers that were operated legally by the Internet Systems Consortium (ISC) under a U.S. court order from November 2011 to July 2012. As a result, instead of suddenly losing access to the Internet, millions of users were notified they were infected and needed to clean up their machines.

The complete DNS Changer Remediation Study is available on the M3AAWG website at https://www.maawg.org/sites/maawg/files/news/GeorgiaTech_DNSChanger_Study-2013-02-19.pdf.

About the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)

The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.M3AAWG.org) represents more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is driven by market needs and supported by major network operators and messaging providers.

M3AAWG Board of Directors: AT&T (NYSE: T); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Constant Contact (NASDAQ: CTCT); Cox Communications; Damballa, Inc.; Eloqua; Facebook; France Telecom (NYSE and Euronext: FTE); Google; PayPal; Return Path; Symantec; Time Warner Cable; Verizon Communications; and Yahoo! Inc.

M3AAWG Full Members: 1&1 Internet AG; Adaptive Mobile Security LTD; Adobe Systems Inc.; AOL; BAE Systems Detica; Cisco Systems, Inc.; Dynamic Network Services Inc.; Email Sender and Provider Coalition; Genius; iContact; Internet Initiative Japan (IIJ NASDAQ: IIJI); Mailchimp; McAfee Inc.; Message Systems; Mimecast; Nominum, Inc.; Proofpoint; Scality; Spamhaus; Sprint; and Twitter.

A complete member list is available at http://www.m3aawg.org/about/roster.

Add to Digg Bookmark with del.icio.us Add to Newsvine

Media Contact:
Linda Marcus, APR
1+949-887-8887 (mobile-U.S. Pacific)
Email Contact
Astra Communications

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

@CloudExpo Stories
PubNub on Monday has announced that it is partnering with IBM to bring its sophisticated real-time data streaming and messaging capabilities to Bluemix, IBM’s cloud development platform. “Today’s app and connected devices require an always-on connection, but building a secure, scalable solution from the ground up is time consuming, resource intensive, and error-prone,” said Todd Greene, CEO of PubNub. “PubNub enables web, mobile and IoT developers building apps on IBM Bluemix to quickly add sc...
Business and IT leaders today need better application delivery capabilities to support critical new innovation. But how often do you hear objections to improving application delivery like, “I can harden it against attack, but not on this timeline”; “I can make it better, but it will cost more”; “I can deliver faster, but not with these specs”; or “I can stay strong on cost control, but quality will suffer”? In the new application economy, these tradeoffs are no longer acceptable. Customers will ...
The Internet of Things (IoT) is rapidly in the process of breaking from its heretofore relatively obscure enterprise applications (such as plant floor control and supply chain management) and going mainstream into the consumer space. More and more creative folks are interconnecting everyday products such as household items, mobile devices, appliances and cars, and unleashing new and imaginative scenarios. We are seeing a lot of excitement around applications in home automation, personal fitness,...
Data-intensive companies that strive to gain insights from data using Big Data analytics tools can gain tremendous competitive advantage by deploying data-centric storage. Organizations generate large volumes of data, the vast majority of which is unstructured. As the volume and velocity of this unstructured data increases, the costs, risks and usability challenges associated with managing the unstructured data (regardless of file type, size or device) increases simultaneously, including end-to-...
Red Hat has launched the Red Hat Cloud Innovation Practice, a new global team of experts that will assist companies with more quickly on-ramping to the cloud. They will do this by providing solutions and services such as validated designs with reference architectures and agile methodology consulting, training, and support. The Red Hat Cloud Innovation Practice is born out of the integration of technology and engineering expertise gained through the company’s 2014 acquisitions of leading Ceph s...
The excitement around the possibilities enabled by Big Data is being tempered by the daunting task of feeding the analytics engines with high quality data on a continuous basis. As the once distinct fields of data integration and data management increasingly converge, cloud-based data solutions providers have emerged that can buffer your organization from the complexities of this continuous data cleansing and management so that you’re free to focus on the end goal: actionable insight.
The Internet of Things (IoT) is causing data centers to become radically decentralized and atomized within a new paradigm known as “fog computing.” To support IoT applications, such as connected cars and smart grids, data centers' core functions will be decentralized out to the network's edges and endpoints (aka “fogs”). As this trend takes hold, Big Data analytics platforms will focus on high-volume log analysis (aka “logs”) and rely heavily on cognitive-computing algorithms (aka “cogs”) to mak...
With several hundred implementations of IoT-enabled solutions in the past 12 months alone, this session will focus on experience over the art of the possible. Many can only imagine the most advanced telematics platform ever deployed, supporting millions of customers, producing tens of thousands events or GBs per trip, and hundreds of TBs per month. With the ability to support a billion sensor events per second, over 30PB of warm data for analytics, and hundreds of PBs for an data analytics arc...
The free version of KEMP Technologies' LoadMaster™ application load balancer is now available for unlimited use, making it easy for IT developers and open source technology users to benefit from all the features of a full commercial-grade product at no cost. It can be downloaded at FreeLoadBalancer.com. Load balancing, security and traffic optimization are all key enablers for application performance and functionality. Without these, application services will not perform as expected or have the...
The speed of product development has increased massively in the past 10 years. At the same time our formal secure development and SDL methodologies have fallen behind. This forces product developers to choose between rapid release times and security. In his session at DevOps Summit, Michael Murray, Director of Cyber Security Consulting and Assessment at GE Healthcare, examined the problems and presented some solutions for moving security into the DevOps lifecycle to ensure that we get fast AND ...
Docker is becoming very popular--we are seeing every major private and public cloud vendor racing to adopt it. It promises portability and interoperability, and is quickly becoming the currency of the Cloud. In his session at DevOps Summit, Bart Copeland, CEO of ActiveState, discussed why Docker is so important to the future of the cloud, but will also take a step back and show that Docker is actually only one piece of the puzzle. Copeland will outline the bigger picture of where Docker fits a...
The Workspace-as-a-Service (WaaS) market will grow to $6.4B by 2018. In his session at 16th Cloud Expo, Seth Bostock, CEO of IndependenceIT, will begin by walking the audience through the evolution of Workspace as-a-Service, where it is now vs. where it going. To look beyond the desktop we must understand exactly what WaaS is, who the users are, and where it is going in the future. IT departments, ISVs and service providers must look to workflow and automation capabilities to adapt to growing ...
The Internet of Things (IoT) promises to evolve the way the world does business; however, understanding how to apply it to your company can be a mystery. Most people struggle with understanding the potential business uses or tend to get caught up in the technology, resulting in solutions that fail to meet even minimum business goals. In his session at @ThingsExpo, Jesse Shiah, CEO / President / Co-Founder of AgilePoint Inc., showed what is needed to leverage the IoT to transform your business. ...
Hadoop as a Service (as offered by handful of niche vendors now) is a cloud computing solution that makes medium and large-scale data processing accessible, easy, fast and inexpensive. In his session at Big Data Expo, Kumar Ramamurthy, Vice President and Chief Technologist, EIM & Big Data, at Virtusa, will discuss how this is achieved by eliminating the operational challenges of running Hadoop, so one can focus on business growth. The fragmented Hadoop distribution world and various PaaS soluti...
Advanced Persistent Threats (APTs) are increasing at an unprecedented rate. The threat landscape of today is drastically different than just a few years ago. Attacks are much more organized and sophisticated. They are harder to detect and even harder to anticipate. In the foreseeable future it's going to get a whole lot harder. Everything you know today will change. Keeping up with this changing landscape is already a daunting task. Your organization needs to use the latest tools, methods and ex...
In his session at DevOps Summit, Tapabrata Pal, Director of Enterprise Architecture at Capital One, will tell a story about how Capital One has embraced Agile and DevOps Security practices across the Enterprise – driven by Enterprise Architecture; bringing in Development, Operations and Information Security organizations together. Capital Ones DevOpsSec practice is based upon three "pillars" – Shift-Left, Automate Everything, Dashboard Everything. Within about three years, from 100% waterfall, C...
Disruptive macro trends in technology are impacting and dramatically changing the "art of the possible" relative to supply chain management practices through the innovative use of IoT, cloud, machine learning and Big Data to enable connected ecosystems of engagement. Enterprise informatics can now move beyond point solutions that merely monitor the past and implement integrated enterprise fabrics that enable end-to-end supply chain visibility to improve customer service delivery and optimize sup...
Even as cloud and managed services grow increasingly central to business strategy and performance, challenges remain. The biggest sticking point for companies seeking to capitalize on the cloud is data security. Keeping data safe is an issue in any computing environment, and it has been a focus since the earliest days of the cloud revolution. Understandably so: a lot can go wrong when you allow valuable information to live outside the firewall. Recent revelations about government snooping, along...
SYS-CON Events announced today that Dyn, the worldwide leader in Internet Performance, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Dyn is a cloud-based Internet Performance company. Dyn helps companies monitor, control, and optimize online infrastructure for an exceptional end-user experience. Through a world-class network and unrivaled, objective intelligence into Internet conditions, Dyn ensures...
As organizations shift toward IT-as-a-service models, the need for managing and protecting data residing across physical, virtual, and now cloud environments grows with it. CommVault can ensure protection &E-Discovery of your data – whether in a private cloud, a Service Provider delivered public cloud, or a hybrid cloud environment – across the heterogeneous enterprise. In his session at 16th Cloud Expo, Randy De Meno, Chief Technologist - Windows Products and Microsoft Partnerships, will disc...