Microsoft working to eliminate Internet anonymity

Microsoft researchers have unveiled an anti-hacking concept that can help track hackers or malicious content to origin servers

Microsoft researchers have unveiled an anti-hacking concept that can help track hackers or malicious content to origin servers.

The Host Tracker program's goal is to "de-anonymize the Internet" through the ability to host servers with 99 percent accuracy.

Host Tracker is designed to unmask would-be hackers who take advantage of anonymizing techniques by cross-referencing Internet protocol traffic data to identify the true origin. Microsoft's representatives said the Host Tracker system relies on application-level events -- in this case, Internet Explorer browser sessions -- to automatically infer host-IP bindings.

Researchers Yinglian Xie, Fang Yu and Martin Abadi ran some initial tests by analyzing a month's worth of data from an e-mail server, roughly 330 GB, to ascertain from the samples who may have been responsible for sending out certain types of spam. They studied some 550 million user IDs and 220 million IP addresses, and matched time stamps for message transmission or e-mail log-ons.

"The fact that we are able to trace malicious traffic to the proxy itself is an improvement because we are able to pinpoint the exact origin," Xie said (a PDF of the study can be found here).

From a practical perspective, the researchers said they hope that the program will result in better defenses against server-bound online attacks, spam campaigns, adware and other malware that is dependent on HTML code to execute properly. Further, Microsoft thinks this could be a boon for third-party security firms and security administrators at the enterprise level by giving them the ability to block certain hosts from sending messages as well as the ability to use this data as a basis for IT auditing and forensic analysis of messaging and network systems.

"In the next-generation Internet, anonymity and traceability should be offered and reconciled by design rather than by accident," the researchers added.

About the Author

Jabulani Leffall is a journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Reader Comments

Mon, Sep 28, 2009 John R. Clark New Kensington, Pa.

I think this technology is a good idea, of course it also has the potential for abuse by gov. types ect. However it is the fact that people are anonamous that allows hackers to be so brazen. If it were known that they would be known this would surely make hackers think twice. But then they would probably come up with another method to mask themselves will it ever end?

Wed, Sep 2, 2009 Bruce N Florida, USA

Works fine for single IP address and user.However, if the assumption is:
1) The user is coming from the same ip address.
2) That the attack is also coming from a single location.

Suppose the user is mobile? This means
as he is traveling on a broad band wireless connection, his ip address is changing. I saw this as I used my t-mobile device on the autotrain.

If the user is using a robot system to attack then there could be hundreds if not thousands of ip addresses being used.



Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here
close

Trending

  • Dive into our Contract Award database

    In an exclusive for WT Insider members, we are collecting all of the contract awards we cover into a database that you can sort by contractor, agency, value and other parameters. You can also download it into a spreadsheet. Our databases track awards back to 2013. Read More

  • Navigating the trends and issues of 2016 Nick Wakeman

    In our latest WT Insider Report, we pull together our best advice, insights and reporting on the trends and issues that will shape the market in 2016 and beyond. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

I agree to this site's Privacy Policy.