Protecting Against Internet Service Abuse
John Scarrow, General Manager, Safety Services, Microsoft Corporation
Introduction to Safety Services
• Anti-Spam: Hotmail, Outlook, Forefront & Exchange
• Family Safety and Windows Parental Controls
• Anti-Phishing & Anti-Malware for IE
• Protect Windows Live accounts and services: Spaces, Skydrive, Groups, Photo Gallery, Search, Messenger, etc.
Let's start with some stats
• Microsoft services are attacked by millions of bots/day
• Windows Live deletes 30-50M malicious botnet-created accounts/month
  • Includes 100,000's of Spaces spam sites
  • Includes Skydrive items such as redirectors/malware
  • Capable of billions of outbound spam msgs/invites
• Hotmail blocks billions of emails/day
• IE blocks 1M visits to phish sites per month
• IE8 blocks a malware download for 1 of 40 people…
Every Week!
Show me the Money: It's Big Business
• MASSIVE scale
• Small conversion rates
• High margin products
What do the bad guys want from our service?
Your audience
• Attempts to directly monetize your customers
• Large services have the most pressure and have been battling this for years
Infrastructure and service reputation
• They will bring the audience to you
• Leverage your IP and URL reputations as seen by search engines and spam filters
Why do they want your reputation?
Large Scale Reputation Systems
What do these large services do when they find dedicated criminal infrastructure…
• IP addresses (trends, geo)
• Botnet
• Domains and URLs
• Web hosts
• Name servers (DNS)
• Routing infrastructure
• Mail servers (MTAs)
Protecting large audiences today
• Mail services
• Social networking
• Search (results and ads)
Reputation Systems at Work Against Criminal Infrastructure
Abusers Evolve: Reputation Hijacking
Criminals hide among innocent users
• Create accounts on our services
• Add our services to their existing SaS chains
• Send spam emails from our mail servers
• Host spam landing pages on our web servers
Much more difficult to mitigate…
Reputation Hijacking via CAPTCHA break
CAPTCHA - Completely Automated Public Turing test to tell Computers and Humans Apart
Increased Spam Timed with CAPTCHA Break
http://blogs.zdnet.com/security/?p=1023&tag=nl.e622.
Bringing the Audience to you
Bringing the audience to you via Spam
HTTP://t5kmip89gxs.spaces.live.com
Http://BadGuyPharma.com
So what do we do? Measure Abuse
• Community feedback
• Invite/accept ratios
• Junk mail reports
• Account creation trends
• CAPTCHA failure rates
• Account log-in trends/geolocation
• Spam feeds from 3rd parties looking for your URLs in spam
Know your customer
• User reputation
• If possible, bind accounts to something of value: verified SMS, phone, PayPal, etc.
• Can you throttle sign-ups?
So what do we do? (cont)
• Automated detection and account quarantine
• We need knobs and gauges any place we give value away for free
• Design feature policies and throttling to reduce value based on user reputation
• There is a huge opportunity for industry collaboration: http://postmaster.live.com/snds
It's about the Link!
• Think very hard about who can post links
• Interrupt the click and in some cases block it
• Build URL block list based on user feedback
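As an added example (not code from the deck or from Microsoft), the "Measure Abuse", "knobs and gauges" and "It's about the Link" slides combined into one small model: a per-account reputation score built from the listed signals, which then drives an outbound-invite throttle and a link-posting gate backed by a feedback-driven URL block list. The field names, weights and thresholds are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from urllib.parse import urlparse

@dataclass
class AccountSignals:
    """Per-account abuse signals (constructed fields, named after the slide's list)."""
    invites_sent: int
    invites_accepted: int
    junk_reports: int        # junk-mail reports filed by recipients
    captcha_attempts: int
    captcha_failures: int
    verified_phone: bool     # account bound to something of value (SMS/phone)
    account_age_days: int

def reputation(s: AccountSignals) -> float:
    """Trust score in [0, 1]; higher is better. Weights are assumed, not Microsoft's."""
    score = 0.5
    # Invite/accept ratio: invitations from real users get accepted, bot blasts do not.
    if s.invites_sent >= 20:
        accept_ratio = s.invites_accepted / s.invites_sent
        score += 0.3 * (accept_ratio - 0.5)
    # Junk-mail reports are direct community feedback; capped so one burst can't zero a veteran.
    score -= min(0.4, 0.05 * s.junk_reports)
    # CAPTCHA failure rate: humans fail occasionally, CAPTCHA-breaking bots fail a lot.
    if s.captcha_attempts >= 5 and s.captcha_failures / s.captcha_attempts > 0.5:
        score -= 0.2
    # Binding the account to something of value raises the abuser's cost per account.
    if s.verified_phone:
        score += 0.2
    # New accounts get little free value until they earn it; long-lived ones get a bonus.
    if s.account_age_days < 7:
        score -= 0.1
    elif s.account_age_days >= 365:
        score += 0.1
    return max(0.0, min(1.0, score))

def invite_limit_per_day(rep: float) -> int:
    """Throttling knob: the less reputation, the less free value (outbound invites) per day."""
    if rep < 0.2:
        return 0        # quarantine candidate: no outbound value at all
    if rep < 0.5:
        return 10
    if rep < 0.8:
        return 100
    return 1000

def may_post_link(rep: float, url: str, blocklist: set) -> bool:
    """Gate link posting on reputation and a feedback-driven URL block list (hostnames)."""
    host = (urlparse(url).hostname or "").lower()
    return host not in blocklist and rep >= 0.5
```

The block list here holds bare hostnames, so a redirector on a trusted domain (like the spaces.live.com link on the earlier slide) is only caught by the reputation of the account that posted it, which is why the deck pairs user reputation with URL reputation rather than relying on either alone.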
Summary
• Internet abuse is a big business and growing
• Not just a problem for the big services anymore
• Improving infrastructure reputation systems are pushing them into our apartments to hide
• Massive criminal infrastructure exists and can be pointed at you overnight
• Results can be catastrophic
• Design abuse detection/prevention when you design your features
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.