Tracking Devious Phishing Websites

(Page 2 of 2)

  • Friday, October 16, 2009
  • By Erica Naone

The group also identifies methods for detecting flux and suggests that flux detection should be built into the domain name system itself. Since using the technique likely means a site is fraudulent, the system itself could help protect unsuspecting users from visiting these sites.

Shortening detection time by even a few hours can make a significant difference, says Alper Caglayan, president of Milcord, a company based in Waltham, MA, that collects real-time data about botnets. "If they can operate even a day, they've already made too much money," he adds.

Caglayan notes that there are some legitimate ways to use flux--for example, to deliver multimedia content efficiently--but says that the way a botnet uses flux should look different. For example, a botnet's machines are scattered around the world in a pattern that wouldn't make sense for a legitimate business.
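The contrast Caglayan describes can be measured from the set of hosts a name resolves to over repeated lookups. The following Python is an added example, not code from Milcord or the researchers; the sample records, the thresholds and all function names are constructed assumptions.

```python
import math
from itertools import combinations

# Constructed samples: (ip, asn, lat, lon, ttl) for every A record seen over repeated
# lookups of one name. IPs/ASNs come from documentation ranges; coordinates stand in
# for a GeoIP lookup.
CDN_LIKE = [
    ("192.0.2.10", 64496, 42.36, -71.06, 30), ("192.0.2.11", 64496, 42.36, -71.06, 30),
    ("192.0.2.20", 64496, 40.71, -74.01, 30), ("192.0.2.21", 64496, 40.71, -74.01, 30),
    ("192.0.2.30", 64496, 39.95, -75.17, 30),
]
FLUX_LIKE = [
    ("198.51.100.7", 64500, 52.52, 13.40, 180), ("203.0.113.9", 64501, -23.55, -46.63, 180),
    ("198.51.100.88", 64502, 35.68, 139.69, 180), ("203.0.113.54", 64503, 41.88, -87.63, 180),
    ("198.51.100.140", 64504, 28.61, 77.21, 180), ("203.0.113.201", 64505, -33.87, 151.21, 180),
]

def haversine_km(a, b):
    """Great-circle distance between two (lat, lon) points in kilometres."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = math.sin((lat2 - lat1) / 2) ** 2 + \
        math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * math.asin(min(1.0, math.sqrt(h)))

def flux_features(records):
    """Summarise the set of hosts a name has resolved to."""
    hosts = {ip: (asn, lat, lon) for ip, asn, lat, lon, _ in records}  # dedupe by IP
    pairs = list(combinations([(lat, lon) for _, lat, lon in hosts.values()], 2))
    mean_km = sum(haversine_km(a, b) for a, b in pairs) / len(pairs) if pairs else 0.0
    return {
        "ips": len(hosts),
        "asns": len({asn for asn, _, _ in hosts.values()}),
        "mean_km": mean_km,
        "min_ttl": min(ttl for *_, ttl in records),
    }

def looks_like_botnet_flux(records, min_ips=5, min_asns=4, min_km=3000, max_ttl=600):
    """Illustrative thresholds (assumptions): low TTL alone also matches legitimate
    content delivery, so the verdict requires many hosts spread over unrelated
    networks and long distances."""
    f = flux_features(records)
    return (f["ips"] >= min_ips and f["asns"] >= min_asns
            and f["mean_km"] >= min_km and f["min_ttl"] <= max_ttl)

if __name__ == "__main__":
    for name, recs in (("cdn-like", CDN_LIKE), ("flux-like", FLUX_LIKE)):
        print(name, flux_features(recs), looks_like_botnet_flux(recs))
```

Both samples rotate addresses with short TTLs; only the second is spread across many networks and continents, which is the signal the paragraph above points to.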

Some experts believe that a multipronged approach is needed to stop phishing sites. Caglayan's company provides a service that helps Internet service providers and other large network administrators find and shut down infected machines within their networks.

Some Web browsers also use blacklists to warn users away from fraudulent sites. But tricks like flux make it almost impossible for those blacklists to stay current enough to be useful. Caglayan expects that, in the future, browsers will need to build in systems that can detect fraud on their own.

Detecting flux will only help people who are using blocking services of some kind, says Manoj Srivastava, chief technical officer of Cyveillance, a security company based in Arlington, VA. "To effectively deal with an attack involving fast flux, it is necessary to take the domain off the Internet, and that requires working with either the registrar or registry of that domain," he says. This can be hard because some domains are located in countries with loose regulations for Internet fraud. Simpler obstacles such as a language barrier can also leave a fraudulent site in operation for a longer period of time.

Gupta says that, as with most Internet crime, flux is just one component in a larger game of cat and mouse. "You can't win this game," she says. "You just have to continually detect their means and adjust to them."


dtutelman

  • 10/16/2009

Common sense vs fear and greed

There is certainly a place for the folks who are doing this fine work to make the Internet a safer place to work and play. But ultimately, protecting yourself from phishing and other scams depends on the user exercising common sense. If they did, phishing would not be profitable and would go away of its own accord.

Scams depend on ignorance, usually plus fear or greed, on the part of the user. It is really easy to avoid falling victim if you don't let fear make you sloppy and thoughtless. It isn't an issue of high tech; it's mostly common sense.

How can we show this? Easy. Phishing started on the telephone, and remains common there. Few people today lived any part of their lives without a telephone, so there is no lack of understanding, no technological intimidation. But people still give personal info out to callers, instead of insisting on calling back at a number they KNOW is legitimate.

If you would not give out information to an unknown telephone caller, then don't click a link on email from an unknown sender. Simple and effective. And similar exercise of common sense will prevent most Internet scams.

DaveT
