Scientists create algorithm for tracking down sources of online attacks
Posted on 13 August 2012.
One of the problems when it comes to catching online criminals of any kind is the fact that it is often extremely difficult to pinpoint the origins of internet attacks - whether it's malware, spam, or a rumor that can harm the subject of it.


Until now, this was possible only by scanning all potentially affected network nodes or address spaces for clues - a process that is simply too costly and takes way too much time to be considered globally applicable.

But things are about to change, as Swiss researcher Pedro Pinto and his team from the École Polytechnique Fédérale de Lausanne have revealed a new strategy for localizing the source of diffusion in complex networks.

It consists of applying a specific algorithm to measurements collected via only a small fraction of nodes (i.e. connections) throughout the network, and they successfully proved that even by choosing 25 random observers or sensors, they could determine the source of the "infection" with 90 percent confidence.

If they chose well-connected observers, that percentage of confidence was achieved by using only 5 percent of the nodes within a network.
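The idea of locating a source from a handful of observers can be shown on a toy network. The following is an added example, not code from the researchers or from the original article, and it is a simplified least-squares stand-in for their estimator. It assumes a known average per-hop delay (`mean_delay`), and the topology and arrival times are constructed sample data.

```python
from collections import deque

# Constructed sample topology (undirected tree); not data from the paper.
EDGES = [(0, 1), (1, 2), (1, 3), (3, 4), (3, 5), (5, 6), (5, 7), (0, 8), (8, 9)]

def build_adj(edges):
    adj = {}
    for a, b in edges:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj

def hop_distances(adj, start):
    """Breadth-first hop counts from start to every reachable node."""
    dist = {start: 0}
    queue = deque([start])
    while queue:
        u = queue.popleft()
        for v in adj[u]:
            if v not in dist:
                dist[v] = dist[u] + 1
                queue.append(v)
    return dist

def locate_source(adj, arrivals, mean_delay=1.0):
    """Rank candidate sources, best first, from observer arrival times.

    arrivals maps observer node -> time it first saw the infection.
    The start time is unknown, so only differences against a reference
    observer are used; mean_delay is the assumed average per-hop delay.
    """
    observers = sorted(arrivals)
    ref, rest = observers[0], observers[1:]
    ranked = []
    for cand in adj:
        dist = hop_distances(adj, cand)
        if any(o not in dist for o in observers):
            continue  # candidate cannot reach every observer
        # Squared error between observed and predicted delay differences.
        err = sum(
            ((arrivals[o] - arrivals[ref]) - mean_delay * (dist[o] - dist[ref])) ** 2
            for o in rest
        )
        ranked.append((cand, err))
    return sorted(ranked, key=lambda item: item[1])

ADJ = build_adj(EDGES)
# Constructed observations: true source is node 3, start time 10, jittered delays.
OBSERVED = {2: 12.1, 4: 10.9, 6: 11.8, 9: 14.3}

if __name__ == "__main__":
    for node, err in locate_source(ADJ, OBSERVED)[:3]:
        print(f"candidate {node}: squared error {err:.2f}")
```

Four observers out of ten nodes are enough here to rank node 3 first, and shifting every timestamp by the same amount does not change the ranking because only time differences enter the score.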

Originally devised to pinpoint the source of real-world epidemics, the technique can easily be applied to computer networks - no matter what their size is. And given that the Internet is a global system of interconnected computer networks, the application of this strategy seems only natural.

The researchers tested the technique against four different types of network structures, and the results were satisfactory every time. Of course, the more connections the chosen nodes had, the smaller the percentage of them that had to be monitored and pumped for information.

They tested the effectiveness of the algorithm on real data from a South African cholera outbreak and, according to H-Online, on information from the 9/11 terrorists' publicly released data communications.

The paper the researchers released on Friday before last has garnered a lot of attention in various circles, but Pinto confirmed to Computerworld that computer security companies are the only ones who have contacted them so far, asking for additional information and gauging the ways the technique can be used to localize infection sources on the Internet.






COPYRIGHT 1998-2014 BY HELP NET SECURITY.