User-Generated Content or User-Generated Threat


Speaker notes

    Most Web 2.0 properties rely on UGC; it helps virality.
    e.g. Facebook, YouTube, Digg

    When people think of spam and malicious URL distribution...
    Criminals use not only email to send URLs, but the web as well.
    Content is sometimes similar, sometimes different.

    - Malicious code authors take advantage of weaknesses in web content control
    - Unless you actively protect, you're vulnerable
    - Custom solutions don't work well: never-ending arms race
    - e.g. blocking "viagra" in email

    - A big annoyance
    - Infect your users
    - If you don't take the proper measures to counter this, chances are you are

    - Acquired January
    - I'm the founder
    - Leverage Websense intelligence
    - More than just spam, malicious too

    Arms race, spam constantly evolves

    - Humans
    - Robots solve them
    - Annoy your users, drive them away

    User-Generated Content or User-Generated Threat - Presentation Transcript

    1. User-Generated Content or User-Generated Threat? The good, the bad and the ugly. Carl Mercier (@cmercier), Director of software development, Websense; Founder, Defensio.com; cmercier@websense.com. Footer on every slide: OUTSMARTING EVIL SPAM
    2-7. So, what's UGC? • Text field? • Submit button? • User content published on the site? • It's user-generated content.
    8. Blogs: Typepad, WordPress, Blogger, Movable Type. Wikis: Wikipedia
    9. Social Networks: Twitter, LinkedIn, Ning, MySpace, Facebook, YouTube
    10. Discussion Forums: support forums, Google Groups, Yahoo! Finance
    11. UGC is GREAT... Encourage it.
    12. It gets your users involved
    13. Builds communities
    14. They'll want to come back
    15. Users can generate new content faster than you could
    16. But like with many great things of this world, Protect Yourself!
    17. UGC can be a security threat if you don't recognize it as such
    18. Protection on the web is often overlooked
    19. ~90% of all UGC is unwanted
    20-21. Is your website at risk? Probably.
    22. 2 big families of unwanted UGC
    23. SPAM: Viagra, Male Enhancement, Casino, Steroids, Ringtones, Vicodin, Pr0n, Xanax
    24. Malicious Content: Phishing, Trojans, Rogue AV, Viruses, Worms, Fraud
    25-26. Are you legally liable? Talk to your attorney...
    27. But why? I didn't do anything wrong!
    28-33. The Why's of Bad UGC • There's money to be made • Additional vector for spreading Vi@gra, pr0n, ringt0nes • Inexpensive • Less defense vs email: easy to break in • "Google-Juice" (tm)
    34. Mom... I'm scared! What does Websense do about this?
    35. Anti-spam service for social web applications
    36-40. The average semi-active blog • 20,000 to 40,000 unwanted comments posted/month • Over 100,000 spam or malicious URLs • 5% is phishing or fraud (5,000) • 1% is malicious exploit (1,000)
    41. 1 Month in the Defensio world. [Pie chart: web spam by country of origin. Countries shown: United Kingdom, Germany, USA, Russia, Sweden, China, Brazil, Ukraine, Saudi Arabia, Canada; slice values as extracted: 36.79%, 28.86%, 15.22%, 4.03%, 3.35%, 2.88%, 2.83%, 2.24%, 1.90%, 1.90%.] 80% of web spammers are in top 10 countries. Bots & HUMANS are posting malicious content.
    42. 1 Month in the Defensio world. [Pie chart: web spam by source network: Dragonara.NET 23.30%, HetznerOnline 12.03%, INES Telecom 5.01%, OTHERS 59.66%.] 60% of web spammers are in top 20 /16 networks. Top offenders: 194.8/16 + 78.46/16 + 89.149/16 = 40% of all web spam.
    43-44. 1 Month in the Defensio world. Among top offenders: Rogue AV
    45-54. 1 Month in the Defensio world • Targets top web properties • my.barackobama.com • Digg • Sony Pictures • Google • Youtube • Microsoft Live • Yahoo! • LinkedIn
    55. (image only)
    56. Posted 15 days ago, links to a site that did not yet exist. Target site registered 13 days ago!
    57-59. Differences to e-mail spam • Follows current events more closely: Barack Obama, Superbowl, NCAA March Madness • Target large web properties: helps their Google Juice, more people see it
    60-64. Differences to e-mail spam • Use of BOTs is less: outsourced to humans • Your site will likely be spammed within 10 days • Higher likelihood to link to malicious, phishing, fraud • Much less distributed than e-mail spam
    65-68. Similarities to e-mail spam • Email and web spam often link to the same sites • Similar motives, likely same people • Sometimes use same obfuscation tricks for URLs and hostnames
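Slide 56 (a comment linking to a domain that was registered only after the comment was posted) and slide 68 (shared URL and hostname obfuscation tricks) together suggest one concrete server-side check: canonicalize every link in a submission and compare the target domain's registration date with the post time. The Python below is an added example, not Defensio's or Websense's code. The hostname tricks it undoes are my assumption about what "obfuscation tricks" covers; REGISTRATION_DATES is a constructed table standing in for a WHOIS/RDAP lookup; the .test domains and SAMPLE_COMMENT are made up; and registrable_domain is a two-label simplification where a real filter would consult the Public Suffix List.

```python
import ipaddress
import re
from datetime import date
from typing import List, Optional, Tuple
from urllib.parse import unquote, urlsplit

# Constructed registration dates standing in for a WHOIS/RDAP lookup (assumption).
REGISTRATION_DATES = {
    "example.test": date(2005, 3, 1),       # long-established domain
    "fresh-deals.test": date(2009, 4, 3),   # registered two days before the post
    "late-reg.test": date(2009, 4, 7),      # registered two days AFTER the post (slide 56)
    # "not-yet.test" is deliberately absent: an unregistered name
}

# Links as they appear in free-text comments, with or without a scheme.
URL_RE = re.compile(r"""(?:https?://|www\.)[^\s<>"']+""", re.IGNORECASE)


def canonical_host(url: str) -> Optional[str]:
    """Undo hostname tricks (assumed list): mixed case, percent-encoding, a trailing
    dot, a userinfo@ prefix that shows a trusted name before the real host, decimal
    or hex IPv4 literals, and internationalized names (folded to punycode)."""
    if not url.lower().startswith(("http://", "https://")):
        url = "http://" + url
    try:
        host = urlsplit(url).hostname  # drops userinfo and port
    except ValueError:
        return None
    if not host:
        return None
    host = unquote(host).lower().rstrip(".")
    if re.fullmatch(r"\d+|0x[0-9a-f]+", host):
        try:
            host = str(ipaddress.IPv4Address(int(host, 0)))
        except ValueError:
            return None
    try:
        return host.encode("idna").decode("ascii")
    except UnicodeError:
        return None


def registrable_domain(host: str) -> str:
    """Last two labels; a real implementation would consult the Public Suffix List."""
    return ".".join(host.split(".")[-2:])


def link_age_flags(comment: str, posted_on: date,
                   min_age_days: int = 30) -> List[Tuple[str, str]]:
    """Return (url, reason) for each link whose target is a raw IP, unregistered,
    registered after the post, or younger than min_age_days at posting time."""
    flags = []
    for url in URL_RE.findall(comment):
        host = canonical_host(url)
        if host is None:
            flags.append((url, "unparseable host"))
            continue
        try:
            ipaddress.ip_address(host)
            flags.append((url, "raw IP literal"))
            continue
        except ValueError:
            pass
        domain = registrable_domain(host)
        registered = REGISTRATION_DATES.get(domain)
        if registered is None:
            flags.append((url, f"{domain}: not registered"))
        elif registered > posted_on:
            flags.append((url, f"{domain}: registered after the post"))
        elif (posted_on - registered).days < min_age_days:
            flags.append((url, f"{domain}: {(posted_on - registered).days} days old"))
    return flags


# Constructed comment and post date in the style of slide 56.
POSTED_ON = date(2009, 4, 5)
SAMPLE_COMMENT = (
    "Nice article! More at http://WWW.Fresh-Deals.test/promo and "
    "http://www.paypal.com@not-yet.test/login or http://late-reg.test/x "
    "(source: http://example.test/ref)"
)

if __name__ == "__main__":
    for url, reason in link_age_flags(SAMPLE_COMMENT, POSTED_ON):
        print(f"FLAG {url} -> {reason}")
```

Recording the post time matters: a domain that is "not registered" when the comment arrives becomes "registered after the post" on later review, which is exactly the pattern on slide 56, and a comment that was clean on arrival can be re-scored when its links' targets come alive.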
    69. Ok, I'm convinced. How do I protect myself?
    70. Doing it yourself is a bad idea.
    71-72. A word about CAPTCHAs... They DON'T WORK.
    73. You should deal with experts.
    74-77. LIKE US! ;-) • www.defensio.com • Spam & malicious code protection for your web application • Now leveraging Websense's awesome intelligence
    78. Questions? Twitter: @cmercier & @websense. Email: cmercier@websense.com. Web: www.defensio.com

    Presented April 16, 2009, Western Canada Information Security

    More info about this document

    © All Rights Reserved

    Go to text version

    • Total Views 458
      • 458 on SlideShare
      • 0 from embeds
    • Comments 0
    • Favorites 0
    • Downloads 0
    Most viewed embeds

    more

    All embeds

    less

    Flagged as inappropriate Flag as inappropriate
    Flag as inappropriate

    Select your reason for flagging this presentation as inappropriate. If needed, use the feedback form to let us know more details.

    Cancel
    File a copyright complaint
    Having problems? Go to our helpdesk?

    Categories