Entry: Shadowserver
Definition

Shadowserver Foundation is a nonprofit security organization[1] that gathers and analyzes data on malicious Internet activity (including malware, botnets, and computer fraud), sends daily network reports to subscribers, and works with law enforcement organizations around the world[2] in cybercrime investigations. Established in 2004[3] as a "volunteer watchdog group,"[4] it liaises with national governments, CSIRTs, network providers, academic institutions, financial institutions, Fortune 500 companies, and end users to improve Internet security, enhance product capability, advance research, and dismantle criminal infrastructure.

Activities

Data collection

Shadowserver scans the IPv4 Internet 30 times per day. It harvests data on malware, spam, bots, and botnets[5] using large-scale sensor networks of honeypots and honeyclients[6] placed throughout the world. It uses sinkholes to collect data on bots and DDoS attacks. It also receives additional malware and sinkhole data from governments, industry partners, and law enforcement agencies that have established reciprocal data-sharing agreements with Shadowserver.

Data analysis

Shadowserver stores raw malware data permanently in its repository. As new data are collected, Shadowserver analyzes them using thousands of virtual sandboxes and hundreds of iron sandboxes. It regularly re-analyzes raw data previously collected. The results of these analyses are stored in the organization's analysis cluster.

Network reporting

Shadowserver sends daily custom reports to users who have subscribed to them. The reports contain all the data that Shadowserver has collected and analyzed about any suspicious activity it was able to detect within the specific networks or regions for which the subscriber is responsible. For example, a national government might receive data aggregated by geospatial coordinates defined by latitude and longitude, while an international network provider might receive data filtered by ASN.

Investigation support

Shadowserver liaises with security organizations, national governments, and CSIRTs to dismantle global cybercrime networks; for example, it worked with the FBI, Europol, and Interpol to take down the Avalanche network in 2016.[7] It also helps law enforcement partners to develop strategies against cyber security threats and to mitigate threats as they emerge, focusing on cases that involve criminal abuse of the Internet’s infrastructure.

References

1. "The Shadowserver Foundation | Crunchbase". Crunchbase. https://www.crunchbase.com/organization/the-shadowserver-foundation. Retrieved 2018-02-13.
2. Halpern, Jake. "Bank of the Underworld". The Atlantic. https://www.theatlantic.com/magazine/archive/2015/05/bank-of-the-underworld/389555/. Retrieved 2018-02-13.
3. "Tackling the botnets at source". 2006-10-05. http://news.bbc.co.uk/2/hi/technology/5407478.stm. Retrieved 2018-02-13.
4. "Cybercrime flourishes in online hacker forums - USATODAY.com". usatoday30.usatoday.com. https://usatoday30.usatoday.com/tech/news/computersecurity/infotheft/2006-10-11-cybercrime-hacker-forums_x.htm. Retrieved 2018-02-13.
5. Krebs, Brian (2006-03-21). "Bringing Botnets Out of the Shadows". ISSN 0190-8286. https://www.washingtonpost.com/wp-dyn/content/article/2006/03/21/AR2006032100279.html. Retrieved 2018-02-13.
6. "Shadowserver Battles the Botnets". Darknet. 2006-06-29. https://www.darknet.org.uk/2006/06/shadowserver-battles-the-botnets/. Retrieved 2018-02-13.
7. "'Avalanche' network dismantled in international cyber operation". Europol. https://www.europol.europa.eu/newsroom/news/%E2%80%98avalanche%E2%80%99-network-dismantled-in-international-cyber-operation. Retrieved 2018-02-13.
