Welcome!

Adobe Flex Authors: Matthew Lobas, PR.com Newswire, Shelly Palmer, Kevin Benedict

News Feed Item

Independent Georgia Tech Study Reveals Best Ways to Tell Customers "You're Botted"

SAN FRANCISCO, CA -- (Marketwire) -- 02/20/13 -- A bot believed to have netted $14 million in illicit profits has been turned into a golden learning opportunity, yielding important insights into how the online community can best alert and assist customers with infected systems. Georgia Tech researchers on Tuesday announced the results of a study based on the industry's response to the DNS Changer Trojan and shared recommendations to help curb future malware outbreaks at a presentation during the M3AAWG 27th General Meeting in San Francisco.

The DNS Changer Remediation Study identified phone calls, billing notices and redirecting users to customized Web pages among the most effective methods to notify customers that their systems were infected. Researchers Wei Meng and Ruian Duan, working under the supervision of Georgia Tech School of Computer Science Professor Wenke Lee, also found that "active" social media warnings were useful for enabling remediation. With this approach, sites such as Google directly informed users they were infected through their browser windows, a tactic that proved to be more effective in motivating users to disinfect their systems than passive warnings issued in general posts or news articles on social media platforms.

"Social media can have an important role to play in alerting users to infections in their systems and in stemming malware outbreaks. We believe in the importance of implementing active, direct notifications earlier in the process," Lee said.

The researchers looked at both various types of end-user alerts and network operators' efforts to help customers disinfect their systems, including using walled gardens, DNS redirection, anti-virus software and malware removal tools. Part of the challenge facing the industry from bots is determining how to notify users their systems have been compromised in a timely and credible manner, then assisting non-technical customers in remediating those machines, according to M3AAWG Co-Chairman Michael O'Reirdan.

O'Reirdan said, "The industry's response to the DNS Changer malware clearly showed how well competitors and vendors can work together when users' safety is on the line. It also was an extraordinary opportunity to objectively study the different approaches companies have developed to assist customers and to understand the important role each of us plays in safeguarding the online experience. The active involvement of anti-malware and security tool vendors, social media platforms, law enforcement, operating system vendors and home networking technology vendors has been shown to be crucial. In the end, it takes the entire Internet ecosystem working together to protect end-users."

The data used in the study to determine infection and cleanup rates was provided anonymously from major ISPs around the world through the DNS Changer Working Group (DCWG) to the research team at the Georgia Tech Information Security Center (GTISC). To identify the different types of notification and mediation techniques used, the researchers sent questionnaires asking network operators how they had alerted customers who were infected with the DNS Changer malware and the specifics around the remediation efforts employed by each ISP to assist customers in cleaning their machines. An ISP that did not take any action in response to the malware became the baseline for measuring the effectiveness of the other approaches, according to Lee.

From 2007 to 2011, the DNS Changer Trojan hijacked Internet searches and re-routed the Web browsers of infected computers to fraudulent sites using the rogue DNS servers operated by the Rove Digital advertising network. However, if the rogue DNS servers had been turned off when the allegedly responsible Estonians were arrested, infected end-users would not have been able to reach the Web. The DCWG was a group formed to assist law enforcement in dealing with the potential end-user issues arising from the law enforcement action. The DCWG also helped operate and monitor the "clean" DNS servers that were operated legally by the Internet Systems Consortium (ISC) under a U.S. court order from November 2011 to July 2012. As a result, instead of suddenly losing access to the Internet, millions of users were notified they were infected and needed to clean up their machines.

The complete DNS Changer Remediation Study is available on the M3AAWG website at https://www.maawg.org/sites/maawg/files/news/GeorgiaTech_DNSChanger_Study-2013-02-19.pdf.

About the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)

The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.M3AAWG.org) represents more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is driven by market needs and supported by major network operators and messaging providers.

M3AAWG Board of Directors: AT&T (NYSE: T); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Constant Contact (NASDAQ: CTCT); Cox Communications; Damballa, Inc.; Eloqua; Facebook; France Telecom (NYSE and Euronext: FTE); Google; PayPal; Return Path; Symantec; Time Warner Cable; Verizon Communications; and Yahoo! Inc.

M3AAWG Full Members: 1&1 Internet AG; Adaptive Mobile Security LTD; Adobe Systems Inc.; AOL; BAE Systems Detica; Cisco Systems, Inc.; Dynamic Network Services Inc.; Email Sender and Provider Coalition; Genius; iContact; Internet Initiative Japan (IIJ NASDAQ: IIJI); Mailchimp; McAfee Inc.; Message Systems; Mimecast; Nominum, Inc.; Proofpoint; Scality; Spamhaus; Sprint; and Twitter.

A complete member list is available at http://www.m3aawg.org/about/roster.

Add to Digg Bookmark with del.icio.us Add to Newsvine

Media Contact:
Linda Marcus, APR
1+949-887-8887 (mobile-U.S. Pacific)
Email Contact
Astra Communications

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

IoT & Smart Cities Stories
Enterprises have taken advantage of IoT to achieve important revenue and cost advantages. What is less apparent is how incumbent enterprises operating at scale have, following success with IoT, built analytic, operations management and software development capabilities - ranging from autonomous vehicles to manageable robotics installations. They have embraced these capabilities as if they were Silicon Valley startups.
DXWorldEXPO LLC announced today that Telecom Reseller has been named "Media Sponsor" of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
In his keynote at 18th Cloud Expo, Andrew Keys, Co-Founder of ConsenSys Enterprise, will provide an overview of the evolution of the Internet and the Database and the future of their combination – the Blockchain. Andrew Keys is Co-Founder of ConsenSys Enterprise. He comes to ConsenSys Enterprise with capital markets, technology and entrepreneurial experience. Previously, he worked for UBS investment bank in equities analysis. Later, he was responsible for the creation and distribution of life ...
Chris Matthieu is the President & CEO of Computes, inc. He brings 30 years of experience in development and launches of disruptive technologies to create new market opportunities as well as enhance enterprise product portfolios with emerging technologies. His most recent venture was Octoblu, a cross-protocol Internet of Things (IoT) mesh network platform, acquired by Citrix. Prior to co-founding Octoblu, Chris was founder of Nodester, an open-source Node.JS PaaS which was acquired by AppFog and ...
The Founder of NostaLab and a member of the Google Health Advisory Board, John is a unique combination of strategic thinker, marketer and entrepreneur. His career was built on the "science of advertising" combining strategy, creativity and marketing for industry-leading results. Combined with his ability to communicate complicated scientific concepts in a way that consumers and scientists alike can appreciate, John is a sought-after speaker for conferences on the forefront of healthcare science,...
"The Striim platform is a full end-to-end streaming integration and analytics platform that is middleware that covers a lot of different use cases," explained Steve Wilkes, Founder and CTO at Striim, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Predicting the future has never been more challenging - not because of the lack of data but because of the flood of ungoverned and risk laden information. Microsoft states that 2.5 exabytes of data are created every day. Expectations and reliance on data are being pushed to the limits, as demands around hybrid options continue to grow.
Dion Hinchcliffe is an internationally recognized digital expert, bestselling book author, frequent keynote speaker, analyst, futurist, and transformation expert based in Washington, DC. He is currently Chief Strategy Officer at the industry-leading digital strategy and online community solutions firm, 7Summits.
The explosion of new web/cloud/IoT-based applications and the data they generate are transforming our world right before our eyes. In this rush to adopt these new technologies, organizations are often ignoring fundamental questions concerning who owns the data and failing to ask for permission to conduct invasive surveillance of their customers. Organizations that are not transparent about how their systems gather data telemetry without offering shared data ownership risk product rejection, regu...