News

Microsoft Researchers Look To 'De-Anonymize' Internet

Researchers from Redmond this week unveiled an anti-hacking concept that can help track hackers or malicious content to origin servers.

The Host Tracker program, introduced by Microsoft Research's Yinglian Xie, Fang Yu and Martin Abadi at the SigComm 2009 conference in Spain, is a work in progress. The goal of the project is to "de-anonymize the Internet" through the ability to host servers with 99 percent accuracy.

Host Tracker is designed to unmask would-be hackers who take advantage of anonymizing techniques by cross-referencing Internet protocol traffic data to identify the true origin. Redmond's representatives said the Host Tracker system relies on application-level events -- in this case, Internet Explorer browser sessions -- to automatically infer host-IP bindings.

The researchers ran some initial tests by analyzing a month's worth of data from an e-mail server, roughly 330 GB, to ascertain from the samples who may have been responsible for sending out certain types of spam. They studied some 550 million user IDs and 220 million IP addresses, and matched time stamps for message transmission or e-mail log-ons.

"The fact that we are able to trace malicious traffic to the proxy itself is an improvement because we are able to pinpoint the exact origin," Microsoft's Xie wrote (a PDF of the study can be found here).

From a practical perspective, the researchers said they hope that the program will result in better defenses against server-bound online attacks, spam campaigns, adware and other malware that is dependent on HTML code to execute properly. Further, Microsoft thinks this could be a boon for third-party security firms and security administrators at the enterprise level by giving them the ability to block certain hosts from sending messages, as well as the ability to use this data as a basis for IT auditing and forensic analysis of messaging and network systems.

"In the next-generation Internet, anonymity and traceability should be offered and reconciled by design rather than by accident," the researchers wrote.

About the Author

Jabulani Leffall is an award-winning journalist whose work has appeared in the Financial Times of London, Investor's Business Daily, The Economist and CFO Magazine, among others.

Featured

  • Microsoft Ending Three Certifications in June

    Microsoft announced plans on Thursday to end three certification programs on June 30, 2020, and that separate exams for Windows Server 2019 and SQL Server 2019 won't be available.

  • Microsoft To Bring Cortana Changes in Spring Windows 10 Update

    Microsoft plans to update the user experience associated with its Cortana personal assistant software with the coming spring feature update of Windows 10, according to a Friday announcement.

  • What It's Like To Work on the Moon (Without Actually Going to the Moon)

    Brien's lunar training often puts him in situations where where gravity, as we Earthlings know it, doesn't exist.

  • New Edge Browser Getting Ability To Block Unwanted Apps

    The new Chromium-based Microsoft Edge browser is getting the ability to block potentially unwanted applications (PUAs), Microsoft announced on Thursday.

comments powered by Disqus

Office 365 Watch

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.