Copyright 2006 InternetPerils, Inc © 2 0 0 6 I n t e r n e t P e r i l s, Inc. No Substitute for...
-
Upload
tyler-russell -
Category
Documents
-
view
212 -
download
0
Transcript of Copyright 2006 InternetPerils, Inc © 2 0 0 6 I n t e r n e t P e r i l s, Inc. No Substitute for...
![Page 1: Copyright 2006 InternetPerils, Inc © 2 0 0 6 I n t e r n e t P e r i l s, Inc. No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling.](https://reader035.fdocuments.net/reader035/viewer/2022070418/5697c0231a28abf838cd41be/html5/thumbnails/1.jpg)
Copyright 2006 InternetPerils, Inc
© 2 0 0 6 I n t e r n e t P e r i l s, Inc.
No Substitutefor Ongoing Data,
Quantification,Visualization,
and Story-Telling
John S. QuartermanGretchen K.
PhillipsInternetPerils
1 August 2006Metricon
Vancouver, BC
![Page 2: Copyright 2006 InternetPerils, Inc © 2 0 0 6 I n t e r n e t P e r i l s, Inc. No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling.](https://reader035.fdocuments.net/reader035/viewer/2022070418/5697c0231a28abf838cd41be/html5/thumbnails/2.jpg)
Copyright 2006 InternetPerils, Inc
© 2 0 0 6 I n t e r n e t P e r i l s, Inc.
A Month's Phishing Infestation
![Page 3: Copyright 2006 InternetPerils, Inc © 2 0 0 6 I n t e r n e t P e r i l s, Inc. No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling.](https://reader035.fdocuments.net/reader035/viewer/2022070418/5697c0231a28abf838cd41be/html5/thumbnails/3.jpg)
Copyright 2006 InternetPerils, Inc
© 2 0 0 6 I n t e r n e t P e r i l s, Inc.
Multiple Servers and Targets
• Both red and green nodes are phishing servers
• Some churn in ongoing infestation
• Multiple targets, e.g., paypal and ebay
• No single target would know this
• Phishers use leverage of Internet: can't counter that
alone
• Lists of phishing servers from APWG repository
• Topology & performance data & visualization by
InternetPerils
• Give to collaborate: report phishing to APWG; focus
nodes to monitoring companies; etc.; iterate for
collective action
![Page 4: Copyright 2006 InternetPerils, Inc © 2 0 0 6 I n t e r n e t P e r i l s, Inc. No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling.](https://reader035.fdocuments.net/reader035/viewer/2022070418/5697c0231a28abf838cd41be/html5/thumbnails/4.jpg)
Copyright 2006 InternetPerils, Inc
© 2 0 0 6 I n t e r n e t P e r i l s, Inc.
Know Your Network Neighborhood
![Page 5: Copyright 2006 InternetPerils, Inc © 2 0 0 6 I n t e r n e t P e r i l s, Inc. No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling.](https://reader035.fdocuments.net/reader035/viewer/2022070418/5697c0231a28abf838cd41be/html5/thumbnails/5.jpg)
Copyright 2006 InternetPerils, Inc
© 2 0 0 6 I n t e r n e t P e r i l s, Inc.
Hurricane Ivan Meets Cayman Islands
![Page 6: Copyright 2006 InternetPerils, Inc © 2 0 0 6 I n t e r n e t P e r i l s, Inc. No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling.](https://reader035.fdocuments.net/reader035/viewer/2022070418/5697c0231a28abf838cd41be/html5/thumbnails/6.jpg)
Copyright 2006 InternetPerils, Inc
© 2 0 0 6 I n t e r n e t P e r i l s, Inc.
No Substitute• ISPs won't tell you (competitive info.; embarrassment)• ISPs can't tell you: don't know outside their network• Running forensic tools yourself is not enough• Need early warning: need independent 3rd party data • Need real data for baselines + longitudinal + ongoing• Already watching when events occur + frequent scans
to catch event + specific focus + wide view to see related
• Quantify + visualize for pattern recognition and presentation
• Tell a story!
![Page 7: Copyright 2006 InternetPerils, Inc © 2 0 0 6 I n t e r n e t P e r i l s, Inc. No Substitute for Ongoing Data, Quantification, Visualization, and Story-Telling.](https://reader035.fdocuments.net/reader035/viewer/2022070418/5697c0231a28abf838cd41be/html5/thumbnails/7.jpg)
Copyright 2006 InternetPerils, Inc
© 2 0 0 6 I n t e r n e t P e r i l s, Inc.
Contact Information
John S. Quarterman [email protected]
Gretchen K. Phillips
www.internetperils.com
book: Risk Management Solutions