Ads by TechWords

See your link here
Receive the latest technology news and information.
Security
Infrastructure & Control
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
Cloud Computing
View all newsletters




Privacy Policy
 

Services tap people power to spot malware

Crowdsourcing for the common good

February 21, 2008 12:00 PM ET

PC World - People-driven security, an approach that pools the judgments of individual participants to identify new threats, is gathering momentum, with uses popping up in everything from antimalware and spam blocking to site filtering.

OpenDNS's Domain Tagging, introduced in February, is the latest example of this kind of strength in numbers. The free Web-filtering service allows subscribers to block sites in their choice of categories. But instead of one company deciding whether a site is malicious, pornographic, or otherwise unsavory, anyone who volunteers can help do the filtering.

Illustrating the trend's extent, Google created a page last fall where anyone can submit a site that they believe to be malicious. Once Google verifies a submission, it adds the tainted site to a shared blacklist. Other free and paid services for tracking attacks, identifying malware, and blocking spam are also tapping such people power.

Us Versus Them

The movement is achieving critical mass just in time, potentially overcoming one problem with such free exchange of information: At sites such as VirusTotal (where people can scan files believed to be malicious and share new finds), wrongdoers can use the information too.

"The good guys need to out-share the bad guys to help counter them," says Johannes Ullrich, chief research officer at the Internet Storm Center (ISC). The center's free D-Shield service analyzes data from people's firewalls to track breach attempts. With a thousand firewalls being tracked, the center can then identify an at-risk machine and alert its owner.

OpenDNS's PhishTank, launched in 2006, identifies phishing sites based on user submissions and community analysis. As a result, flagged sites are blocked for people who use OpenDNS for domain-name lookups. The Domain Tagging service, which expands on the idea behind PhishTank, permits any person who signs up to submit a site to a category, such as social networking. Other users then vote on that submission, and if enough people okay it, the site joins the domain-tagging lists. To help prevent incorrect categorizations or attempts by crooks to game the system, votes from trusted users have more weight than do those from people whose submissions have been voted down.

"Using a community costs less, is more thorough, and is more in real time," says David Ulevitch, chief executive of OpenDNS.

User involvement is key

Submitting a suspicious site to Google allows any Web surfer to act as an Internet watchdog, but doing so is a somewhat altruistic act, since you don't see an immediate benefit. Mozilla's upcoming Firefox 3 browser, however, will use the Google blacklist to block known malicious sites.

McAfee employs VirusTotal's shared information. The company receives more than 200,000 samples per month from the site, says Dave Marcus, security research and communications manager for McAfee Avert labs. He says that antivirus companies share with one another the thousands of samples they receive directly from users, too.


Reprinted with permission from

For more PC news, visit PCWorld.com.
Story copyright 2009 PC World Communications. All rights reserved.

Jump to comments

people-driven security

Additional Resources

Microsoft
Here are some of the key reasons why you would want to run Unified Access Gateway with DirectAccess.
Microsoft
Review how one energy firm tightened protection and simplified IT work using business-ready security solutions.
Sybase
In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

What People Are Saying

White Papers & Webcasts

Why Your Small Business Needs a Real Server
Download this resource now!  

Maximizing Site Visitor Trust Using Extended Validation SSL
Provide site visitors visual cues that indicate your site is legitimate with Extended Validation (EV) SSL available from VeriSign.  

Managing Secure File Transfer to Save Time, Money and IT Resources
Learn how companies are using innovative technology to overcome these challenges and improve user productivity by offloading e-mail attachments and replacing FTP with...

Fraud Alert: Phishing - The Latest Tactics and Potential Business Impact
Read this white paper to learn how phishing attacks work, and how to avoid them.  

Top 9 Network Security Threats in 2009
Download this White Paper! Compliments on Perimeter eSecurity  

The Workday User Experience Video
Watch Workday's Creative Director, Scott Lietzke, discuss the business-centered design philosophy at Workday.

Business Process Framework Demo
Learn about Configurable Business Processes and Calculated Fields. Watch Now!


IT Jobs