A new technique, called highly predictive blacklisting, uses data from past attacks to block potential attackers in future.
In the same way that Amazon can recommend a book by comparing your past reading habits to many other individuals, it is possible to predict how you will be targeted by malicious internet activity by comparing your history of attacks with other webusers.
The Irvine team have tested their algorithm on a dataset of 1 month’s worth of logs consisting of 100s of millions of security logs from 100s of networks. The team claims that the strike rate of its predictive blacklists is up to 70 per cent better than the state-of-the-art systems and that further improvements are well within reach.
My take – Amazon.com can recommend books because the Users (readers) have a specific taste and reading interest but in case of attackers – I do not think its as easy to draw the pattern, except the fact that professional hackers circle around the sites and databases with customer PIIs (Personally Identifiable Information).
