As a kid, I loved to lay on the grass at night and stare at the stars. Even though I knew of some constellations, I would try to find new patterns among the billions of stars. New connections. New meaning. As WebPulse hit one billion requests in one day, it reminded me of those days as a kid. On the WebPulse team, we map internet connections and look for patterns, both good and bad. Hitting one billion requests is a significant milestone.
What does this number mean? When McDonald’s served one billion hamburgers in 1963, it cemented the fast food industry as a permanent part of society. When Google indexed one billion web pages in 2000, it signaled the Internet boom was upon us. For WebPulse, serving this many requests from businesses, government organizations, consumers and schools worldwide gives us more intelligence about web patterns and user behaviors, which helps us more efficiently and effectively identify, track and block the malware that plagues users. Simply put, when a malware or phishing attack takes place, the malnet (malware network) activity sticks out like a sore thumb.
So just what do those one billion requests show us? First and foremost, we see where people are going:
- Search Engines/Portals were the most requested category of content (also the leading user entry point into malnets)
- Social Networking was the third most requested category of content (the fifth most popular user entry point into malnets)
As well as how much malware they are coming across:
- More than one million requests to Malware Sources
- 1.4 million requests for Malicious Outbound Data/Botnets
- More than 3 million requests for content categorized as Suspicious, which is often associated with known malnets
From that, we can draw conclusions that help us create better defenses, identify future attacks from known malnets and build behavioral profiles.
This is a graphical representation of Shnakule, the largest malnet on the web.
To a grown-up security technologist, this is almost as beautiful as the stars in the sky.
John Ahlander is Director of Product Management with responsibility for WebPulse and K9 Web Protection.
Leave a reply