Skip to Content
Uncategorized

How to Forecast Malicious Internet Attacks

Predictive blacklisting forecasts where your next attack is coming from and blocks the traffic in advance.

There’s no shortage of malicious activity on the internet–by some accounts, cyberspace is dominated by it. The question is how to avoid it. Today, computer scientists outline a new way of predicting the next attack so that you can block it in advance.

The new technique builds on perhaps the most common technique for avoiding unwanted internet activity: creating lists of the most prolific attack sources which are compiled, shared and then blocked.

The trouble with blacklists is that it is reactive: it blocks malicious sites after they have attacked. The words stable door and bolted come to mind.

Last year, computer scientists began exploring a potentially more effective approach: predicting the sites most likely to attack and blocking them in advance. The technique, called highly predictive blacklisting, uses data from past attacks to create a network-type graph out of the pattern of links between victims . It then runs a Google PageRank type algorithm for each victim looking for the most relevant attackers. The reuslting list is then used to block potential attackers in future.

Now Fabio Soldo, Anh Le and Athina Markopoulou from the University of California, Irvine say they have a better approach based on recommendation systems. These work by using past behaviour to predict the future.

In the same way that Amazon can recommend a book by comparing your past reading habits to many other individuals, it is possible to predict how you will be targeted by malicious internet activity by comparing your history of attacks with other webusers.

The Irvine team have tested their algorithm on a dataset of 1 month’s worth of logs consisting of 100s of millions of security logs from 100s of networks. The team claims that the strike rate of its predictive blacklists is up to 70 per cent better than the state-of-the-art systems and that further improvements are well within reach.

There are some potential problems to iron out. For example. the team isn’t quite sure how to handle the constantly changing pattern of malicious attacks and malicious attackers may soon find that it’s not too hard to fool recommendation systems if you try hard enough.

Nevertheless, this an impressive result that could be rapidly implemented. And if that happens, recommendation systems may soon be providing you not only with books and movie tips but a happier surfing experience too.

Ref: arxiv.org/abs/0908.2007: Predictive Blacklisting as an Implicit Recommendation System

Deep Dive

Uncategorized

Our best illustrations of 2022

Our artists’ thought-provoking, playful creations bring our stories to life, often saying more with an image than words ever could.

How CRISPR is making farmed animals bigger, stronger, and healthier

These gene-edited fish, pigs, and other animals could soon be on the menu.

The Download: the Saudi sci-fi megacity, and sleeping babies’ brains

This is today’s edition of The Download, our weekday newsletter that provides a daily dose of what’s going on in the world of technology. These exclusive satellite images show Saudi Arabia’s sci-fi megacity is well underway In early 2021, Crown Prince Mohammed bin Salman of Saudi Arabia announced The Line: a “civilizational revolution” that would house up…

10 Breakthrough Technologies 2023

Every year, we pick the 10 technologies that matter the most right now. We look for advances that will have a big impact on our lives and break down why they matter.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.