Researchers look to retail to predict security threats
Security researchers are creating predictive blacklisting by studying the way retail websites analyse shopping history.
Security researchers are working on predictive blacklisting' to judge what an attacker is going to do next with malware.
The University of California researchers said that they took their inspiration for the technique from a recent competition by US DVD rental service Netflix, which attempted to improve the accuracy of predicting which movies customers would like based on their existing preferences.
This is also used on e-commerce sites like Amazon, which flags up purchases you might be interested in based on your buying history.
Blacklists to forecast malicious sources are also based on past activity, but accurately predicting online activity such as unwanted web content, spam production and phishing sites was a "complex problem", according to the study.
The researchers have been trying to move blacklisting forward by building on work where Google's PageRank algorithm is used to identify the attacks most likely to target victims.
Using a recommendation system, the researchers studied malicious behaviour at the internet protocol (IP) level, which allowed them to predict future malicious activity on the past more effectively, and then construct predictive blacklists for each victim.
The report said: "We exploit both temporal (attack trends) and spatial (similarity of attackers and victims) features of malicious behaviour."
How to choose an AI vendor
Five key things to look for in an AI vendorDownload now
The UK 2020 Databerg report
Cloud adoption trends in the UK and recommendations for cloud migrationDownload now
2021 state of email security report: Ransomware on the rise
Securing the enterprise in the COVID worldDownload now
The impact of AWS in the UK
How AWS is powering Britain's fastest-growing companiesDownload now