Show simple item record

dc.contributor.advisorDavid D. Clark.en_US
dc.contributor.authorFruchter. Nathaniel H.en_US
dc.contributor.otherMassachusetts Institute of Technology. Institute for Data, Systems, and Society.en_US
dc.contributor.otherTechnology and Policy Program.en_US
dc.date.accessioned2019-11-12T18:13:22Z
dc.date.available2019-11-12T18:13:22Z
dc.date.copyright2019en_US
dc.date.issued2019en_US
dc.identifier.urihttps://hdl.handle.net/1721.1/122916
dc.descriptionThis electronic version was submitted by the student author. The certified thesis is available in the Institute Archives and Special Collections.en_US
dc.descriptionThesis: S.M. in Technology and Policy, Massachusetts Institute of Technology, School of Engineering, Institute for Data, Systems, and Society, Technology and Policy Program, 2019en_US
dc.descriptionCataloged from student-submitted PDF version of thesis.en_US
dc.descriptionIncludes bibliographical references (pages 79-85).en_US
dc.description.abstractSecurity notification schemes hold great promise for improving both consumer cybersecurity and general network health as malware and other sources of malicious activity are becoming more prevalent on home networks. For example, botnets of Internet of Things devices engage in denial of service (DoS) attacks and ransomware holds data on personal and commercial systems hostage. Many of these threats are relatively opaque for an end user. An end user may not know that their smart device is participating in a DoS attack at all, unless they notice a protracted slowdown in network speeds. An upstream network provider like a consumer ISP has more visibility into the issue. Due to their privileged position, ISPs often have more data about the status of a malware infection, denial of service attack, or other malicious activity. This extra information can be of great benefit for the purposes of notification. For instance, an ISP may be able to notify a customer that a device on their network is being used for a DoS attackor that they see communication with a server involved in distributing ransomware. ISPs and other organizations that try and implement these schemes often run into a set of questions: How do I get the right data to power the notification? How do I ensure the user trusts the notification? Can I ensure the notification is not spoofed? Is there an optimal way to present the notification? How do I make sure a user takes the proper remedial action? This thesis presents a framework for new notification schemes to answer these questions by examining four key elements of a notification: form, delivery, and content. It also proposes multi-factor verification, a novel scheme to address trust and spoofing issues within a notification scheme. Finally, it provides a model for a new ISP-user security notification scheme within the context of the United States market and policy landscape.en_US
dc.description.statementofresponsibilityby Nathaniel H. Fruchter.en_US
dc.format.extent85 pagesen_US
dc.language.isoengen_US
dc.publisherMassachusetts Institute of Technologyen_US
dc.rightsMIT theses are protected by copyright. They may be viewed, downloaded, or printed from this source but further reproduction or distribution in any format is prohibited without written permission.en_US
dc.rights.urihttp://dspace.mit.edu/handle/1721.1/7582en_US
dc.subjectInstitute for Data, Systems, and Society.en_US
dc.subjectTechnology and Policy Program.en_US
dc.titleEnhancing ISP-consumer security notificationsen_US
dc.title.alternativeEnhancing Internet Service Provider-consumer security notificationsen_US
dc.typeThesisen_US
dc.description.degreeS.M. in Technology and Policyen_US
dc.contributor.departmentMassachusetts Institute of Technology. Institute for Data, Systems, and Societyen_US
dc.contributor.departmentMassachusetts Institute of Technology. Engineering Systems Division
dc.contributor.departmentTechnology and Policy Program
dc.identifier.oclc1126790910en_US
dc.description.collectionS.M.inTechnologyandPolicy Massachusetts Institute of Technology, School of Engineering, Institute for Data, Systems, and Society, Technology and Policy Programen_US
dspace.imported2019-11-12T18:13:20Zen_US
mit.thesis.degreeMasteren_US
mit.thesis.departmentTPPen_US
mit.thesis.departmentESDen_US
mit.thesis.departmentIDSSen_US


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record