Security

Not-a-Bot (NAB): Improving Service Availability in the Face of Botnet Attacks

Free registration required

Executive Summary

A large fraction of email spam, distributed Denial-Of-Service (DDoS) attacks, and click-fraud on web advertisements are caused by traffic sent from compromised machines that form botnets. This paper posits that by identifying human-generated traffic as such, one can mitigate botnet attacks, by servicing human-generated traffic with improved reliability or higher priority. The key challenge is to identify human-generated traffic in the absence of strong unique identities. The authors develop NAB ("Not-A-Bot"), a system to approximately identify and certify human-generated activity. NAB uses a small trusted software component called an attester, which runs on the client machine with an untrusted OS and applications.

  • Format: PDF
  • Size: 380.86 KB