Data sharing: One of our primary goals for 2013 was to build out our data sharing program (DSP) to make it a viable resource for participants and future research. Since the end of September, the data shared in the DSP included 550K unique URLs from over 154K domains and 725 TLDs. We’ll be sharing further intel and analysis from the program with our partners in the coming months.
Of note: There’s a lot of chatter in the security sphere about data sharing and the importance of collective action. But it takes gumption to step up and contribute what can often be classified as proprietary data to a communal pool in the name of common good—especially when that communal pool includes competitors. We tip our hats to the DSP's inaugural participants for their gumption: Internet Identity, ESET, Fortinet, and Sophos. Thanks from our staff and leadership to the forward-thinking security researchers and evangelists at these companies who championed data sharing. We’re just getting started.
Partner Program: In its second year, our Partners Forum featured nine presentations from partner companies and guests on topics such as Man-in-the-Browser attacks, honeypot architecture, malware data in Verizon’s DBIR, and the technical landscape of different data sharing initiatives around the world. Several partners shared proprietary analysis of high-profile malware campaigns, we heard from researchers on empirical analysis of factors affecting malware URL detection, and we hosted a discussion with Vint Cerf on the future of security. We’ll kick off 2014 by sharing research of our own with our partners.
Review process: We processed just shy of 40,000 independent review requests from website owners and network operators whose sites were affected by malware. As we noted earlier, review process data for 2013 indicated some positive change: 84% of the reviews requested from us this year (as opposed to 56% last year) were closed successfully without the need for manual testing. This means most sites submitted for review in 2013 were found to be free of badware (i.e., by Google’s automated scanning process) at the time they were submitted. We’re working on mechanisms to consistently track other key metrics, such as how long sites stay clean once they’re removed from blacklists.
We Stop Badware™ Web Hosts: The program’s second full year brought total participation to 80+ hosting providers from 29 countries on all six (non-ice-covered) continents. We perform audits several times a year to check whether participating hosts are responding to test abuse reports in a manner consistent with our best practices. One of our goals for 2014 is to begin publishing data from these tests—stay tuned.
Add new comment