Enhancing ISP-consumer security notifications
Author(s)Fruchter. Nathaniel H.
Enhancing Internet Service Provider-consumer security notifications
Massachusetts Institute of Technology. Institute for Data, Systems, and Society.
Technology and Policy Program.
David D. Clark.
MetadataShow full item record
Security notification schemes hold great promise for improving both consumer cybersecurity and general network health as malware and other sources of malicious activity are becoming more prevalent on home networks. For example, botnets of Internet of Things devices engage in denial of service (DoS) attacks and ransomware holds data on personal and commercial systems hostage. Many of these threats are relatively opaque for an end user. An end user may not know that their smart device is participating in a DoS attack at all, unless they notice a protracted slowdown in network speeds. An upstream network provider like a consumer ISP has more visibility into the issue. Due to their privileged position, ISPs often have more data about the status of a malware infection, denial of service attack, or other malicious activity. This extra information can be of great benefit for the purposes of notification. For instance, an ISP may be able to notify a customer that a device on their network is being used for a DoS attackor that they see communication with a server involved in distributing ransomware. ISPs and other organizations that try and implement these schemes often run into a set of questions: How do I get the right data to power the notification? How do I ensure the user trusts the notification? Can I ensure the notification is not spoofed? Is there an optimal way to present the notification? How do I make sure a user takes the proper remedial action? This thesis presents a framework for new notification schemes to answer these questions by examining four key elements of a notification: form, delivery, and content. It also proposes multi-factor verification, a novel scheme to address trust and spoofing issues within a notification scheme. Finally, it provides a model for a new ISP-user security notification scheme within the context of the United States market and policy landscape.
This electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.Thesis: S.M. in Technology and Policy, Massachusetts Institute of Technology, School of Engineering, Institute for Data, Systems, and Society, Technology and Policy Program, 2019Cataloged from student-submitted PDF version of thesis.Includes bibliographical references (pages 79-85).
DepartmentMassachusetts Institute of Technology. Institute for Data, Systems, and Society; Technology and Policy Program
Massachusetts Institute of Technology
Institute for Data, Systems, and Society., Technology and Policy Program.