Researchers look to retail to predict security threats
Security researchers are creating predictive blacklisting by studying the way retail websites analyse shopping history.
Security researchers are working on predictive blacklisting' to judge what an attacker is going to do next with malware.
The University of California researchers said that they took their inspiration for the technique from a recent competition by US DVD rental service Netflix, which attempted to improve the accuracy of predicting which movies customers would like based on their existing preferences.
This is also used on e-commerce sites like Amazon, which flags up purchases you might be interested in based on your buying history.
Blacklists to forecast malicious sources are also based on past activity, but accurately predicting online activity such as unwanted web content, spam production and phishing sites was a "complex problem", according to the study.
The researchers have been trying to move blacklisting forward by building on work where Google's PageRank algorithm is used to identify the attacks most likely to target victims.
Using a recommendation system, the researchers studied malicious behaviour at the internet protocol (IP) level, which allowed them to predict future malicious activity on the past more effectively, and then construct predictive blacklists for each victim.
The report said: "We exploit both temporal (attack trends) and spatial (similarity of attackers and victims) features of malicious behaviour."
Key considerations for implementing secure telework at scale
Identifying the security risks and advanced requirements of a remote workforceDownload now
The State of Salesforce 2020
Your guide to getting the most from SalesforceDownload now
Fast, flexible and compliant e-signatures for global businesses
Be at the forefront of digital transformation with electronic signaturesDownload now
Rethink your cybersecurity strategy for the new world
5 steps to secure the enterprise and be fit for a flexible futureDownload now