
How can Internet service providers help wipe out malicious activity?

21 June 2010, 07:30 am, CTOF Team

It has been observed that it is not the malware that is getting more sophisticated. Rather, it is the volume of malware spread across networks that has increased rapidly over the years. Are we properly equipped to tackle any kind of malicious activity? Can our Internet service providers wipe out malicious activity without trespassing on an individual’s privacy and civil liberties?

Yes, our Internet service providers are well equipped to handle many of the known threats. As a matter of practice, most Tier-1 ISPs focus on tangible threats that can disrupt service, such as natural disasters. Botnet herders and other cybercriminals also pose a major threat to service.

Over the last couple of years, technology has improved manifold. This has helped watchdog organizations keep track of cybercriminals and their activities. They have complete information on the people who are behind these increased attacks and on where each attack is sourced from. They are also aware of the destination where the attack is headed.

Every malicious activity, such as a DDoS attack or a botnet, has its route across the Internet. The communication between the bot variants is hard-coded. Most of the Tier-1 Internet service providers have the requisite technology that allows them to listen in and sample the core of any malicious activity. This gives them a fair idea of where the traffic is headed and of the ports and signatures associated with it. Thus, these service providers have complete knowledge of the malicious traffic transiting their network as well as the traffic originating or terminating within it.

The technology used by these Internet service providers is based on flow data. This not only makes it affordable but also ensures that it does not violate too many privacy laws. In reality, it’s just like looking at the outside of the box without actually opening it! The technology only requires looking at the IP header information, without any need to analyze the payload. Tier-1 ISPs have used this technology internally to check and stop denial-of-service attacks on their network.

The good news is that this technology is also offered as a paid service to large connecting customers and hosting enterprise customers. Using this technology, ISPs can mitigate many gigabytes per second of DDoS traffic that might be destined for their network. They are able to detect this traffic at the edge of their network. The traffic is then redirected to scrubbers and is cleaned by the time it actually reaches them!
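The header-only, flow-based detection described above can be sketched as follows. This is an added example, not code from the article or from any ISP product; the record layout, the thresholds and the function names are assumptions, and the sample flows are constructed using documentation address ranges.

```python
from collections import defaultdict

def build_sample_flows():
    """Constructed flow records for one 60 s window. Header-derived fields only:
    (src_ip, dst_ip, dst_port, protocol, packets, bytes). No payload is present."""
    flows = [
        ("192.0.2.10", "198.51.100.5", 443, "tcp", 120, 90_000),
        ("192.0.2.11", "198.51.100.5", 443, "tcp", 80, 60_000),
        ("192.0.2.12", "198.51.100.9", 25, "tcp", 40, 20_000),
        # One heavy but legitimate bulk transfer from a single source.
        ("192.0.2.20", "198.51.100.9", 443, "tcp", 90_000, 120_000_000),
    ]
    # Constructed flood: 200 distinct sources, small UDP packets, one target.
    for i in range(1, 201):
        flows.append((f"203.0.113.{i}", "198.51.100.5", 53, "udp", 600, 38_400))
    return flows

def detect_flood_targets(flows, window_s=60, min_sources=100, min_pps=1000):
    """Flag destinations hit by many distinct sources at a high packet rate.
    Both thresholds are illustrative assumptions, not operator values."""
    stats = defaultdict(lambda: {"sources": set(), "packets": 0,
                                 "bytes": 0, "services": defaultdict(int)})
    for src, dst, dport, proto, pkts, nbytes in flows:
        s = stats[dst]
        s["sources"].add(src)
        s["packets"] += pkts
        s["bytes"] += nbytes
        s["services"][(proto, dport)] += pkts
    alerts = []
    for dst, s in stats.items():
        pps = s["packets"] / window_s
        # Requiring both conditions keeps a single fast sender from alerting.
        if len(s["sources"]) >= min_sources and pps >= min_pps:
            alerts.append({
                "target": dst,
                "sources": len(s["sources"]),
                "pps": round(pps, 1),
                "mbps": round(s["bytes"] * 8 / window_s / 1e6, 2),
                # The dominant protocol/port tells the scrubber what to filter.
                "top_service": max(s["services"], key=s["services"].get),
            })
    return sorted(alerts, key=lambda a: a["pps"], reverse=True)

if __name__ == "__main__":
    for alert in detect_flood_targets(build_sample_flows()):
        print(alert)
```

The bulk transfer to 198.51.100.9 exceeds the packet-rate threshold but comes from only two sources, so it is not flagged; only the many-source flood is a candidate for redirection to a scrubber.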

