|
|
|
Startup Fights Botnets with New Approach
By: Brian Prince
2009-07-16
Article Rating: / 2
There are 7 user comments on this Network Security & Hardware story.
Spammers have taken to cracking CAPTCHA protection for Microsoft Hotmail, Google Gmail and other Web mail services in recent years. Startup company Pramana is pushing a proactive approach to keeping botnets at bay.CAPTCHA cracking has become big business for
spammers, and there has been no shortage of chinks in the armor.
But a startup is taking a new approach to the
battle. Pramana's
answeravailable as an appliance or as SAAS (software as a service)is HumanPresent,
the technology the company is aiming directly at spammers who have made a
business out of defeating CAPTCHA.
Conceived at the Georgia Institute of Technology's
College of Computing, Pramana was founded in
June 2007. The company is targeting four major
markets: financial services, online gaming and gambling, Web mail, and ISPs and
social networking sites.
In recent years, spammers
have made mincemeat of CAPTCHA protections for Google Gmail, Yahoo and
other Web mail services. Much
of this spamming work is done by botnets, and this is where Pramana said it
feels its approach can serve as a vanguard of sorts.
Unlike other products, Pramana's HumanPresent technology
doesn't fingerprint devices to identify a bot activity. Instead it
works by monitoring and validating the entire user session from the
beginning of a transaction to the end. The technology is deployed as an
embedded API
in a customer's Website and is transparent to the user.
When a request is made to a Website, the company
protecting the customer contacts Pramana's server. Pramana responds with a
JavaScript package that contains listeners that gather information for Turing
tests executed on the back end, at the client's site. After the user has
entered information and the page is submitted or unloaded, the results of the
tests are sent back to Pramana and put through its algorithm.
"We capture everything about the human
behaviorthe time between actions, the time during actions, every event fired,
every possible mouse movement [or] click, [and] so on [and] so forthand we put
that through some algorithms that have literally been five years in the making,"
explained Pramana CEO
David Crowder.
The company is constantly expanding its heuristics
database, which regularly updates all Pramana servers with new Turing tests to
implement. The idea is to prevent tests from becoming stale and to adjust to
threats around the globe.
"It's proactive," Crowder said. "What
I mean by that is the thing that strikes me the most is if you look at the
paradigm right now with the virus situation, by definition every virus has to
be successful [before] the anti-virus companies react to it We are like that
for the bots."
He continued, "We're the guys constantly
coming up with the ways they would have to defeat us, and they're never going
to catch us. Just like we're never going to catch the virus authors the bots
and the botnet fraudsters are always going to be reactive to us. We're
constantly adding these new strategies, the Turing tests, every single week."
| | Reader Comments: Startup Fights Botnets With New Approach | | >>> Post your comment now!
| | Good newsFortunately the folks commenting aren't the folks responsible for ecommerce fraud. *If it works, it could huge. Posted At: 09-15-09
By: Jammer | | | | | | A user comment on this articleWow, isn't that how a key logger acts. Hmmm AV vendors probably wont like that and I am not to comfortable fedexing my keystrokes and mouse... Posted At: 07-21-09
By: Anonymous | | | | | | A user comment on this articleIts amazing how paranoid people are. Tell me, if you cannot deal with JavaScript, how will you deal with a virus/malware when you actually get one?... Posted At: 07-21-09
By: Anonymous | | | | | | | | | | | | Natch...Another epic fail for stopping spammers. It won't be long before this too is rendered useless by adaptive spammers. Posted At: 07-17-09
By: Anonymous | | | | | | A user comment on this articleWhat's fortunate, is that the technology doesn't actually block anybody. It informs the application server that the user is a bot and the app server... Posted At: 07-17-09
By: Anonymous | | | | | | When humans failI wonder when humans fail this touring test what that will do for the user experience :) "Sorry your behavior has been identified as Spammy, Your... Posted At: 07-17-09
By: SkipTree (Atlanta) | | | | | | >>> Post your comment now! | | | | | |
|
 |
|
|
�������x}v6�EW-mdy,=h)��S|Iv^b|g_bq��%Ng-�D�U*�
w�~ II56%S�E�}"I{�C(~`R˩��IZN�ڶ?
�}�~mkr�u��;�{#|6�%߽w ^�{��#�K&�OVgMھlM1e�ck_gp��,Fc�wM5d|ZC'A�jZ�lZ P8"X.�(
fwm<&6�\'|7*� pTƖþ�=a���M"h4"j�>v\'gώɀYWF�
{.Qu^?#2]�hj:W�{7v+!6^�;�r9ȹ�׳oGh�=3dc7l#205NR�Z [��XdTZ���ӡk)�p�55\`p�)jHZ6tG,> H>�P7s�IzV@��daS�ב�O*! lpa+j)yp
Olˇ�;)xA'�ס"
g�m_j|��uns<"s~3 r�d�HU
6� �c p==\'DL<:/GyӝÌfؖqwh �ݱJZUQ�bP)��;Eo[©̝
wΨ5oVʪ)awٺʑ��C[w5-%u�PtZ^O.7v<>6vx//;YJM~c/DR�˅4D>��-āVP��N:5=(G~㖯[��MюR=6,g��f�V҈�g�UU�YNZ͓bni^W^�'97fٚY^�ji�ed�X�]1�-U5m{#krּi6{
ܹGtHM��Wh:w N/z�O|nx8=|�kh2�`c�RZ:{d�κOWM2 Ǔv$Y-Yi��C�j�ݖeB_ȻX_ˏ�K�$j̱n>�@|ˤd6L2T��c��]N�j_[Ѭzxx[c/�EU M�X�r)
t$Ϲu_˝�7�>hr�
Ce)#p?�݃I��hJq�䰉k>ذ�1�"%��hJ@{�e�
TI��%嗋�mf>�]R${3BD�Ƚ`g@qE�!\J�!=!
g�|��8U%Ku}7�pe
CzlNTVʒ0Wb{�(�E�ށ:yx<#e:^ S�%g�5F8�,h�eݴ%!�m7MGR>M*%xX=.BEPU
X@8ʍ�??1m!SG�ñA
3M:vy0�`���;}J�Oiͧ89~��t$�AG66^�K
tcb���>'ݨä��7X(x=�c�O6%_�¤><�)gv�&ztmP`��5$ǎC-ߟ�L=�s#08�w�ɽ�5�y0f+wKPb�L���TM}��PC�\7 >)�@}�9g�)�Qm^l}h`1 �5�%qF�@i0x�zD�ȣ��ԟH.B$(ZȻ�B�!A�l~���[$p X V0(� a�b
.<��Ҷ�B�Imw�RTD;7 KŔ=*%�nqR%a 934YIjL=?�j1!U�G�,D`v9J,L��.�Y
/��je[+�R,4�T(9
.+Ò*!0G@VTyy&)d[�L9<�p��X^0&�1 7R�'��~Xz��poFaB?1fѺ)Mu!��@3~�~6T�>L�ddG�ٚMO>�BB13
�{A3u�OP#'Կ����;7u9\v,_{t?�Gc�NEiKJιo2ES�|,�n^ßf�1�d��_w\ճ&VAB
�glCC�2{�ޡ[f4Sy%ew{��RgaE8F2�b5k%ӇnS/|KĝR48'')Na�sW|��]ӨځYJb-yhHյ�$/gcP*�ou�R@[�&���ޒymE_x�ue8HiK-#�rB`}.�E�6Gh�?40��;L�v7p�=F�5}n�&=ߪ&�TY9?>2ei[F6oՒhcM;,Wbzgܱ��K���(�)m�ʥʫ�;ug@�4-=�f`�ۉ�yu��N�ϣ )a!�c"Q�+}ne�@ͤԪ�)X[�3�T�2.Q\�&�V,'`#zO3F��K~,Y\XKysyMٕ.�R-bFd>n6 '�[ar�S��hfh:l��<}6:Hy5՝5̆RPOIڏ9&�_G5�k�*Q�+wڶM�t]QG� X��:�X<���Q�Ro�>���\��!EX+LTBYad�[s�6/|�}xN`'\sW�[�"�L��J}�Nݡe�m*I�-b]Pr)�RLZ�06AaeL䱯^�t@�F�M@X�G�\d�����`�Аm}�!T0�|.WT�ˈ`m�S@Ak�SU�
Փ.E^~~�V��KŴ�谢��zԘ{}Q�ː
0gted��->��IR-��frheU-UjR9�D+ϏxW�G�"MϨ�H��_ଯ?
p�&�Xfa�^8��-w~����^Jbw%�eXY81f�-��1�0kE
�/ÊTU5+i
fB1&}�l��eA�X�~\U4Uud�¹�`��Qе�a�⢉�!h�+����4khý235RzVU;OP(�;Ђw>k-4{F;d�E.Բg*�*�5P6>*�0'nG=��W�H+��
�c4}�5��:*jAe߯y_�c�g)h�"QkF&:�FdH�t=Έ+6RΘT8˯!�q�:(TX�7gmE{H^ac7U�[@o�F)�g/ZW&h6Y�L[uɓo�ᔻ,q{S+)~�z�,tbjq
c0:g<�}'�[Q�Bn'�̳)AD)&�
/��j�hh{
~>ꪦ�`|,4̩"F�lؤκV:>�Se>e'_~T�Sc\O U�<@ng?,�YEn9&}+㗐gs�C/���ɹ%w��A֮N�ZPn^2i`$�ez(lYP;,g|��6S�i�4DZ6��s��ȈDrzןT�sc[~O�0�lu*%\.Y��i
r=ct�3e}{c:4N7pOUU�AS^<:h93$_P@hOXM\�?k78$mv_&*|92S�G)�EXqkX�c=O
f+(U|l�y5�&Q�rMu�E
l&ŏh(UrfُC~=ע,�A��7HU(V
�$�}�U��r=+h4Y+(#t�+^��}a
m.E<�9[ �1w�ʨ\I�SW">wD<�7Ϩ�;�}Nb���4���^IW�:ڍ5iv<On�'vem"X�I7$#�ְ�S##nƝj`.ӪV�$": ���Jj$7�rQӊ5�JR�'0�X 8zA�b�Q�=Y�r�v�jT
��d��K=� �j ;!�O}+�tS��Z1�wOXO\dK!O�%EDOC�V�gX&1솿V(ًk��㘘�\}?؇^?jUeqb��sE1 7�k{H�~��Zg�^���=�bE2�}{?wm/HAc˾tڟt �?�ZV��1h>\��{4{R��Y�Ժ�1i.R1~Jy0W��h>\�(d�0
sn6ó�M1k�0vhR`A��fF<$Ø��>#B�@I˸tϚלY0z!B�ZMUc z
E0ע8VT�+,k�̚_�f·|CAJNy�(��@�RPOh�[#ZvSt;3ĶA��VB�0F�D_TJi�)4z'u�3xv<^78S�j67"EGJN�^f�[LӷoHWs7�|E�dW(k��h,�UbsZ;uC�B2�Nlp
j[=hyA$�!rF�0xc�`s-H7սi^��eԉ8%4�\ ��{-~=�`��rv���PR)&Bz*I�;ˢ
ݖ2h�9�:)!O\F(2H P,O&e=l�I1 iKBih%bbVHGRo�wոܞm ybXýK3JVmc%yx2ű2k9�85(~�'�B}$XyKOv$Ť�b%%h8W:Brc���??Fdc:��M"�I^U֭˯Ȫ̅S.{ۋ�G#S~`q8-<��c�tH_7;`@L6CGf�K��=#tzoo=إ�֛%<�+~�O�}&
�~
]=z@qSx~=Ғ(�r_�ZDNq5jiAr\�?,J`\T�y^v} l$>?Gko[#D:*pctO�xc�Z�yi�襦�<<79w�Bf#E�VާA#�vc"Ql�� �jGY�{ζ\R~l6ϵؑ,�3�N2uX![jbDzX2%q4y)Yl�vűm�= Ry�81�MR.��S�pN$m'/R[��so$fze�ZF#�'9Ώ�#/6�<98b2H' SQ"JCG���D}&�q@Yfc2#O~��^��OwjRY)%�{I)"o�r&[l�*EPoG)
׳�Z`Gi!�#�tJ}�#[g{B!�~�B �!L I�ar�� �Q�YJ4%S !bY�W1hR&ep\�B�Dj�jOR�l�h!.�u }u�hnZ};;H֬PxuV�2G%%P!0��hXIdp3������BB8_�F��3-��_`z3}:+@�R�9^T!
*_�cG,i-�u%*�uyCۄТ86�be|ʵpaJ�
�s���Lp�EBH�0,�E$A~]�ʄDy6!ϭ�UAHW~u�7n n�;eIFtk"i�1X�aJ7 �#!ݞAhѷ;Z�4zⶬUy-Xݝ :'tBY>HTRS�W�טY66ᵏ'zD_�p2W�5I-X�N9)vR�y�c%||||Rr_e�_e�O%44~ ��[ /q�Sҥ3�SO��c{Qaq˙��+[w�fjvD&}�$IB�P@ �]?9M1վ$J%~�^�/58|('-5&�@��G Y��^"d�N=p�{5d"z��`T32m]��v�:�w0]^jb<�0��# `_^xm"y&]ϫ%k�/��Z�~� =nCY" �w�4.&=�REpϢNYնdWs6#_JH��ׅ"a'mE~lC�m�
=.|=j`lO5d�bэhwo0R]o̕+"�s% l!�H"� ���y/Bpȵ]ϢP��3
SL�hƺ#ֹt3�ꉈV&Ğ5elr@ORPP4l-p߳ U!u>NX�������yaa����PG��.p��rW�#�Ӈ�ï�V��|ȞF�>�o|�sw�=@hƢ<��ymw>ƮvE�Č�b��AA�_�o{ַ}MO1E�}�"]x�;ӧ!�3�eU!Q
j�V��gb�"�4,r|$TQ|6Qq-J]̱u�ƛz
i]\�c�ڢ/Ka�ְ<7q)Rc��p)t6Kk�MXm�ZpNf�ۼm`dX�[TjgfXV1y��*�^�g#�Ge#Z|9qܐNܡ�gbsXRXnS�$~�A�?RW��ѮoZ_T#ybuJ�ɸ�Q?�(p��[1�{@=�m ��?.��O�.=�`��ˊ�vמSN|l:u*juۏo��
g~խt 쀤Pְj��
&��>d �l����P^я TmSO^t5��D
�`7:%�aژ��?1v%1h}PR�
#==%1��{�c8,Gs8RG�ojoe+� ,U�#e7�ckjrD,?��t�$"R
+h���x��x�X2z|]FpxAҲ��}7�aES,�YrK11\RëBr\.he,zVdqK2&� #z�Й>��3&^�ME�U6'�a<::BMdEKTBh��x�7_5�R9}nZ˚bfƆ[/k�a�|e����b�_mj�_ڹ𮮴q� yK-9Z<�hfND`hݪݔh$ƄgE[T8�vX�Ku6��;2l�AƎ��lMᗚk烔K�pʭBף6:F�}H%MĀ�lh�*e�Վu9ګRѪE5�xk9jI*1�Ur6^Dֱ|z`!`�`z͂"Z{6֑:
b�RI+��MݳHtgx��
kHу%�pZQ�Z:<Q-DRbf�Ӄxx3�#�0����->Ø�zpWӸ{s<ڕ��
�sw�W�]KjL_�"|t02͝pѩ�F;6vCWѵATJ{=�{;%�hP�['+_uyZܞD�؞b,,9+?Xd�a�=%U$d[j4� <
|�H �\X�p,%B�"ͨa8TJ�o[ J}�J�0+�ƘZRU!TQ�L��m5W1儔�JzN[Ļ�O�W1h>b ˘C�$C?�W<00t+P̲jN�T\pY�=XCE3 cL�w>VHUljod@2�r�n늉1J��\-B@e=D�q�yy��öt?p��Hgx�ZJ�C�s
"P�V:�
�![CD/1M͍$�u�~v�K)
&.X`3��Y�ej��xp���c8tv��&+ӬFCjAv`�`��\�u
l9�:U�@�g�>�0u�s�rs��RC´vx8X-n�B�<䱤�P��<'�<,M�7,X�e2���{x���bRU+J)|�U���3ʰ�LXUK3ʗ��Q�ͲG2Vq
&JZ!
�`x�ZNrdhz?J=
,C? �&O=lFL
r�WWO{M�$'Uս$'v��@a[+��|SwNgNW[ͫe?W?<�d(ll2/*�˙͓Q�9ltNS�ʩhSg̵,�9%�^;�^k%;飱8�ۄY
�lGyї�5�1zSa0K9o]7{=-Z[[�Ai��L%/fyS�M�/G��}*4=67a\nq���4ħfy'f�ԼVx�vlg�?g�d_C�pj#�r3Y3�Oח�}3�!�>B�\u2ʡuQ�oe^s/�Z_��0;��;�w�~'�>зA�ЧA���g'?QF/3�((�-�坌r�ˌ�̐K�ˌB�f.n~�+Q�:z/���?�?�}�(*�n2�d�oʁo3�ڿh�6s$eCPȐ�.^N�pN2KI�ʠ/W@a uyQ~��@y�J2,c2\.�e{�);[?[Ngu
CFWz�^S_yڜꖽpۭ]��h7q_l %^a/TZE�/ޤr^��<̂\+�g�ل�@CX{#u��'NW4C�ﹺ�d^ WsU�}ӉzZŚ/J�Y�mJ5�f�aOd_+j0{"%Y#ܻ�GznQ!��/L2~�<'ԎnOAr}��n��7�}z��n��_�x�܊xG5ip�ŭhg?>/�ydֺ+_F+p'k͠?~�%kS8L^d6yx߇���O��WY�-J�bġ�${�z�?f�4Cg>�'[
j*8�5ߚ�Yu8��%��
H-M�ԳpN88�a>5C7&$�表~5d]M4pƴ�{c���ö0FrP*�5VZ*{_m10q����z@�b�3jJUN�maX��,.g��^9�Q(Fuoo*N0�njy�=qҐ'�a��1V1;BDO"��Уc�o]v̚Hbe�jf�saSKp^Wv,�P�X0�~YDP*`!�K؞.�^͇$
a�X?b{I�W3hېMX�clɢ]k*b�C�5�t&8R5ǝar�0A���
{}�z<8VN)ÏYF
�
T z�dKdp!gB-ZӋt�8He)�D ˺暤B`
�,kϗ9,@aƈ�kDM�In�v�H:OlH�l#��Kz�>t��aQ�s�溼�t�dFK�<���Ʊs� �(2-c�8]R�puJIcYqQ�.1
��3��_?�>E7Z=���q}|5h_z�chd1Gk��_$'1x_%05:�%�xr�Ӎ�g#3kwԥ¹:~%.,wjsSXy=y�1G/Cu<ɿl/fx`(�N"S�0�PqcZf�=^,u60H-��t{x -gWB#͞ޓ�fKH"L'd�_�cm^S%&aBc
M�=�g����Cc.0߀ħ�%Bf�:2�Ş�_ m>V^�s��9q�C�hq%_ ;'��>$Xm)ۺb,ӧ6M\�-2~ v'f��C�
>1qN@>FՋpOa{�FwmDcd�xjA߭ed#ə�W
B|��,*-Ŋ]iSmu�s�f[}EQv[�VAgL3ƃY,�> N_$�v�%�B+/��8>eHC[gy2T~sJ=*P�=gZPO[]�n"�,gIomG}k_V�h�ń�K"l9F>^I;.~9K^��T~3)N��tw|7(6؎L�
ϻ�Hj)t��I`_P�&)1��|�j7;�dFٱs�˜2J1Д8v2COA=t
�ԛƵl2- ����wH�V&Lt>�;OulghW��(9|�x@NlM9M\e~��=-��Y0^ p,�^f�@�m<�`
G6J$߂)0t)�Fu:h��Y W�%6����~���0qMĶ2p�ئ?MkSw(\*],1Ał?�vLw&�9jE '8"U][
6s6�Na^|ۺ+Aўx糺�aжJWt�{%�C>KrX}P/):�OOg�sZ�%.^��H�v�"�]%�,c �0У,*0�zs�hՆG���X�x;[)�qy6`9<Щ0�\nXe�ܔ�uF:]�hT_�!^UD'�����^k'gym/�|�e�#�FP1]9ov$ѿ�9�a�lX���^|M�wϏp�`�3[\g0^o,eH&}+qd.
"�$8jo.-(ua4,Lb9 �"[^QI�(f�vX�3e�|"@a)5|bIn�~ӧ�f<�4W�6QĶq��yuʵ-���˩;{bO�|Y{D85R7ÌP�9ϓ a�0
+�=�:`-�sq=C�&
C�\W��5�4Ƙe>0�y,X�B��L+�5�2lt*�
XJ!KŬ"D0H��'%o[���'�R$la,
��r3 ;Ev Z.�3���R0/xq�Ϣa�0SSQ2��+$Yp?ZQ|mwc3u㎗4Npxy&/(KO�- N� $�gg��Pw r9Fͳ���G`b�hPfYSVIĽGv��36HZ�\֓CX-lu;
og"f/�On6%s|N�VKI+^~)M�S9Q�3;�V&|��Z2c
N_�?L�S)��
|
Network Security & Hardware 
