Welcome!

Mobile IoT Authors: Elizabeth White, Yeshim Deniz, Zakia Bouachraoui, Pat Romanski, Liz McMillan

News Feed Item

Independent Georgia Tech Study Reveals Best Ways to Tell Customers "You're Botted"

SAN FRANCISCO, CA -- (Marketwire) -- 02/20/13 -- A bot believed to have netted $14 million in illicit profits has been turned into a golden learning opportunity, yielding important insights into how the online community can best alert and assist customers with infected systems. Georgia Tech researchers on Tuesday announced the results of a study based on the industry's response to the DNS Changer Trojan and shared recommendations to help curb future malware outbreaks at a presentation during the M3AAWG 27th General Meeting in San Francisco.

The DNS Changer Remediation Study identified phone calls, billing notices and redirecting users to customized Web pages among the most effective methods to notify customers that their systems were infected. Researchers Wei Meng and Ruian Duan, working under the supervision of Georgia Tech School of Computer Science Professor Wenke Lee, also found that "active" social media warnings were useful for enabling remediation. With this approach, sites such as Google directly informed users they were infected through their browser windows, a tactic that proved to be more effective in motivating users to disinfect their systems than passive warnings issued in general posts or news articles on social media platforms.

"Social media can have an important role to play in alerting users to infections in their systems and in stemming malware outbreaks. We believe in the importance of implementing active, direct notifications earlier in the process," Lee said.

The researchers looked at both various types of end-user alerts and network operators' efforts to help customers disinfect their systems, including using walled gardens, DNS redirection, anti-virus software and malware removal tools. Part of the challenge facing the industry from bots is determining how to notify users their systems have been compromised in a timely and credible manner, then assisting non-technical customers in remediating those machines, according to M3AAWG Co-Chairman Michael O'Reirdan.

O'Reirdan said, "The industry's response to the DNS Changer malware clearly showed how well competitors and vendors can work together when users' safety is on the line. It also was an extraordinary opportunity to objectively study the different approaches companies have developed to assist customers and to understand the important role each of us plays in safeguarding the online experience. The active involvement of anti-malware and security tool vendors, social media platforms, law enforcement, operating system vendors and home networking technology vendors has been shown to be crucial. In the end, it takes the entire Internet ecosystem working together to protect end-users."

The data used in the study to determine infection and cleanup rates was provided anonymously from major ISPs around the world through the DNS Changer Working Group (DCWG) to the research team at the Georgia Tech Information Security Center (GTISC). To identify the different types of notification and mediation techniques used, the researchers sent questionnaires asking network operators how they had alerted customers who were infected with the DNS Changer malware and the specifics around the remediation efforts employed by each ISP to assist customers in cleaning their machines. An ISP that did not take any action in response to the malware became the baseline for measuring the effectiveness of the other approaches, according to Lee.

From 2007 to 2011, the DNS Changer Trojan hijacked Internet searches and re-routed the Web browsers of infected computers to fraudulent sites using the rogue DNS servers operated by the Rove Digital advertising network. However, if the rogue DNS servers had been turned off when the allegedly responsible Estonians were arrested, infected end-users would not have been able to reach the Web. The DCWG was a group formed to assist law enforcement in dealing with the potential end-user issues arising from the law enforcement action. The DCWG also helped operate and monitor the "clean" DNS servers that were operated legally by the Internet Systems Consortium (ISC) under a U.S. court order from November 2011 to July 2012. As a result, instead of suddenly losing access to the Internet, millions of users were notified they were infected and needed to clean up their machines.

The complete DNS Changer Remediation Study is available on the M3AAWG website at https://www.maawg.org/sites/maawg/files/news/GeorgiaTech_DNSChanger_Study-2013-02-19.pdf.

About the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)

The Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) is where the industry comes together to work against bots, malware, spam, viruses, denial-of-service attacks and other online exploitation. M3AAWG (www.M3AAWG.org) represents more than one billion mailboxes from some of the largest network operators worldwide. It leverages the depth and experience of its global membership to tackle abuse on existing networks and new emerging services through technology, collaboration and public policy. It also works to educate global policy makers on the technical and operational issues related to online abuse and messaging. Headquartered in San Francisco, Calif., M3AAWG is driven by market needs and supported by major network operators and messaging providers.

M3AAWG Board of Directors: AT&T (NYSE: T); Cloudmark, Inc.; Comcast (NASDAQ: CMCSA); Constant Contact (NASDAQ: CTCT); Cox Communications; Damballa, Inc.; Eloqua; Facebook; France Telecom (NYSE and Euronext: FTE); Google; PayPal; Return Path; Symantec; Time Warner Cable; Verizon Communications; and Yahoo! Inc.

M3AAWG Full Members: 1&1 Internet AG; Adaptive Mobile Security LTD; Adobe Systems Inc.; AOL; BAE Systems Detica; Cisco Systems, Inc.; Dynamic Network Services Inc.; Email Sender and Provider Coalition; Genius; iContact; Internet Initiative Japan (IIJ NASDAQ: IIJI); Mailchimp; McAfee Inc.; Message Systems; Mimecast; Nominum, Inc.; Proofpoint; Scality; Spamhaus; Sprint; and Twitter.

A complete member list is available at http://www.m3aawg.org/about/roster.

Add to Digg Bookmark with del.icio.us Add to Newsvine

Media Contact:
Linda Marcus, APR
1+949-887-8887 (mobile-U.S. Pacific)
Email Contact
Astra Communications

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

IoT & Smart Cities Stories
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
DXWorldEXPO LLC announced today that ICOHOLDER named "Media Sponsor" of Miami Blockchain Event by FinTechEXPO. ICOHOLDER gives detailed information and help the community to invest in the trusty projects. Miami Blockchain Event by FinTechEXPO has opened its Call for Papers. The two-day event will present 20 top Blockchain experts. All speaking inquiries which covers the following information can be submitted by email to [email protected] Miami Blockchain Event by FinTechEXPOalso offers sp...
Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or per...
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
@DevOpsSummit at Cloud Expo, taking place November 12-13 in New York City, NY, is co-located with 22nd international CloudEXPO | first international DXWorldEXPO and will feature technical sessions from a rock star conference faculty and the leading industry players in the world. The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time t...
When talking IoT we often focus on the devices, the sensors, the hardware itself. The new smart appliances, the new smart or self-driving cars (which are amalgamations of many ‘things'). When we are looking at the world of IoT, we should take a step back, look at the big picture. What value are these devices providing. IoT is not about the devices, its about the data consumed and generated. The devices are tools, mechanisms, conduits. This paper discusses the considerations when dealing with the...
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
Digital Transformation is much more than a buzzword. The radical shift to digital mechanisms for almost every process is evident across all industries and verticals. This is often especially true in financial services, where the legacy environment is many times unable to keep up with the rapidly shifting demands of the consumer. The constant pressure to provide complete, omnichannel delivery of customer-facing solutions to meet both regulatory and customer demands is putting enormous pressure on...
Machine learning has taken residence at our cities' cores and now we can finally have "smart cities." Cities are a collection of buildings made to provide the structure and safety necessary for people to function, create and survive. Buildings are a pool of ever-changing performance data from large automated systems such as heating and cooling to the people that live and work within them. Through machine learning, buildings can optimize performance, reduce costs, and improve occupant comfort by ...
SYS-CON Events announced today that IoT Global Network has been named “Media Sponsor” of SYS-CON's @ThingsExpo, which will take place on June 6–8, 2017, at the Javits Center in New York City, NY. The IoT Global Network is a platform where you can connect with industry experts and network across the IoT community to build the successful IoT business of the future.