Slashdot Mirror


Predicting Malicious Web Attacks

KentuckyFC writes "Recommendation systems attempt to guess what books, movies, or news people are likely to be interested in. Companies such as Amazon, Google, and Netflix have developed algorithms to mine vast databases looking for correlations that they then use to recommend new items. Now a team of computer scientists has used some of the same filtering techniques to predict the origin of malicious Web attacks so that they can be blacklisted in advance. The team mined a database of hundreds of millions of security logs looking for correlations between victims. The correlations were then used to produce a predictive blacklist of potential attackers. The team says its algorithm is up to 70 per cent more successful at predicting the origin of attacks than current state-of-the-art predictive blacklisting."
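
The victim-correlation idea in the summary, as an added example (not code from the article or from the research team): a neighbourhood-style collaborative filter, used here as an assumption about one way such correlations can be scored, not the team's algorithm. The victim names, the addresses (RFC 5737 documentation ranges) and all function names are constructed. The output is a ranked candidate list for a defender to review.

```python
from collections import defaultdict
from math import sqrt

# Constructed sample log: (victim network, attacker source) pairs.
# Addresses come from RFC 5737 documentation ranges.
SAMPLE_LOG = [
    ("net-A", "192.0.2.10"), ("net-A", "192.0.2.20"), ("net-A", "198.51.100.5"),
    ("net-B", "192.0.2.10"), ("net-B", "192.0.2.20"), ("net-B", "203.0.113.7"),
    ("net-C", "198.51.100.99"), ("net-C", "203.0.113.50"),
    ("net-D", "192.0.2.10"), ("net-D", "203.0.113.7"),
]

def build_profiles(log):
    """Map each victim to the set of sources it has reported."""
    profiles = defaultdict(set)
    for victim, source in log:
        profiles[victim].add(source)
    return profiles

def similarity(a, b):
    """Cosine similarity between two victims' binary attacker sets."""
    if not a or not b:
        return 0.0
    return len(a & b) / sqrt(len(a) * len(b))

def predict_blacklist(log, victim, top_n=3):
    """Rank sources `victim` has not yet seen, weighting each report by how
    similar the reporting victim is to it. Returns [(source, score), ...]."""
    profiles = build_profiles(log)
    seen = profiles.get(victim, set())
    scores = defaultdict(float)
    for other, sources in profiles.items():
        if other == victim:
            continue
        weight = similarity(seen, sources)
        if weight == 0.0:
            continue  # victims with no shared attackers contribute nothing
        for src in sources - seen:
            scores[src] += weight
    # Highest score first; ties broken by address for a stable order.
    ranked = sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))
    return ranked[:top_n]

if __name__ == "__main__":
    for src, score in predict_blacklist(SAMPLE_LOG, "net-A"):
        print(f"{src}\t{score:.3f}\tcandidate for analyst review")
```

For `net-A`, only the source reported by its two correlated neighbours is proposed; the sources seen solely by the uncorrelated `net-C` never enter the list.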

4 of 82 comments

  1. Re:No doubt useful by Shakrai · Score: 4, Insightful

    but shouldn't we be more concerned about true security?

    What is "true security" against the main threat of the modern era: social engineering? How does your operating system protect you from responding to that e-mail you've just received from your long lost uncle in Nigeria? How do you protect a user that will click on the user account control pop-up as many times as is required to install that cool "weather forecasting" program that sits in his task tray?

    Or were you referring to "true security" in the context of firearms, expendable redshirts and moats filled with laser wielding sharks? ;)

    --
    I want peace on earth and goodwill toward man.
    We are the United States Government! We don't do that sort of thing.
  2. Did I read this right... by bigredradio · Score: 4, Interesting

    recommendation systems may soon be providing you not only with books and movie tips but a happier surfing experience too

    I am a little weary of making my surfing experience happier by allowing the system to do my thinking for me. Just think, "clippy" for the browser.

  3. "People..." by natehoy · Score: 5, Funny

    "People who attacked this site ALSO attacked..."

    --
    "This post contains words, known to the State of California to cause thought. Wash brain thoroughly after reading."
  4. Meatware needed by pheared · Score: 4, Insightful

    This sounds great, but only if it requires human intervention to implement the block. I used to work in a NOC, and we would have loved to throw up a warning on the big screens that an attack is 80% likely from the following netblocks in the next N hours. That way we would have a strategy developed for defending before it even started and would be able to minimize downtime.

    On the other hand, if you make this automatic you're going to piss off a lot of people very quickly because it's going to be wrong more often than you want.