Why IP Alerts May Require New Technology

Copyright Compromises, Mini-Conference Presentation, October 12, 2011. Nick Feamster, Associate Professor of Computer Science, Georgia Tech.

ISPs Already Help Users Fight Malware, Comcast “Constant Guard”: Observes user traffic and notifies user about possible compromise.  Notifying a user about possible piracy: Significantly different!  Malware and Spam Detection: No Content Inspection Necessary! Domains: Can detect using lookup features, Spam: Can detect using sending behavior, Source ISP of sender, Geography (distance traveled), Time of day, Malware: Can detect using network statistics, Coordinated behavior across “bots”, Correlation with attack traffic.  DNS Domain Reputation (How Constant Guard Works), Domain registration and resource record establishment occur before attacks take place.



Download (PDF, Unknown)

Series Navigation<< Speaker Biographies: Copyright Compromises: Creators’ Rights, ISP Efficiency & Consumer WelfareIP Alerts: An Overview for the Copyright Compromises Mini-Conference >>

Related posts:

This entry is part 3 of 6 in the series Copyright Compromises Mini-Conference 2011