Is UCLA overrated
Enisa: The size of botnets is overrated
The EU Internet Security Agency Enisa has published a report on botnets. It is entitled "Botnets: 10 Tough Questions". Among other things, the authority reports doubts that the size of a botnet is directly related to the security risk it poses. The number of affected devices is also likely to be played up for reasons of effectiveness.
"Numbers say nothing at all," explained Giles Hogben, botnet expert at Enisa, to ZDNet UK. “Even a botnet made up of 1,000 machines can cause great damage.” That is why you have to focus on other aspects.
The number of computers involved in botnets would be extrapolated based on samples, according to the report (PDF). At the same time, however, there are no explanations as to how these estimates come about.
“Common extrapolations of botnet sizes, which have also received media attention, range between seven and nine million affected computers at Conficker, Mariposa is said to have more than 13 million infected devices, and up to 30 million computers are likely to be part of the Bredolab -Bot network “, write the authors. “Big numbers mean big dangers - and therefore a lot of attention. There is significant potential here to overestimate the number of bots. "
Methods such as counting IP addresses with infected traffic cannot provide any information about the size of a botnet, according to Enisa. For example, the University of California received different numbers (PDF) in an investigation of the Torpig botnet: An analysis of individual IP addresses found 1.2 million hosts - while the analysis of a single bot identifier only resulted in 180,000 zombie computers.
Although the media actually spread the 180,000 infected devices in this case, organizations may be interested in publishing higher estimates in order to attract investors, said Hogben. "You may have two equally unprovable numbers, but you choose the larger one because it suits your goals." Media attention is one point, political goals another. “Or to hide the fact that your own security defenses were not particularly effective. 'My protection failed against a horde of 30 million zombie PCs' doesn't sound as bad as 'My site was dismantled by 30 computers'. "
The Enisa report also contains recommendations for European legislators. For example, the authority considers a so-called “Good Samaritan Act” to be sensible. The aim is to exempt hackers from liability if they act against botnets with good intent. However, care must be taken to prevent vigilante justice via the Internet.
- Is it possible to combine food supplements
- What did Hitler think of Eskimos?
- Can we edit content written in Wikipedia
- Has the computer hardware stopped developing?
- Why do we use NaOH in titration
- How do air plants survive without soil?
- Why was the American Civil War inevitable?
- Is PostgreSQL better than MySQL
- Can rabbits eat strawberries
- What does Kawaii Desu Yo
- What is the name of Burger King in Australia
- What's your favorite New England food
- What is Spiti Valley
- Is Mirtazapine Anticholinergic 1
- How can pistons be made from alloys?
- How does a full wave rectifier work
- How should we choose a cycling suit
- How do I raise our six puppies
- Which blogs have the best blog designs
- What can you bring to recycling centers
- Belts bad for you when you sing
- What is an unexpected danger in Belgium
- What makes you insignificant
- How does sacred geometry relate to yoga?
- How many people have American wars killed?
- Can acupressure relieve abdominal pain
- How do I learn to fight
- Will Tyrion survive his betrayal of Daenerys?
- Which is irrational pi or e
- How realistic are the social traffic police
- Why was it easy to conquer Persia?
- What can I mix with Fireball whiskey
- Why did Stana leave Katic Castle