TrustedSource

Last updated
McAfee TrustedSource
TrustedSource logo.png
Developer(s) McAfee
Website www.trustedsource.org

TrustedSource is an Internet reputation system originally developed by CipherTrust and now owned by Intel Security. It provides reputation scores for Internet identities, such as IP addresses, URLs, domains, and email/web content.

Reputation data and content categories, as well as global email, web and other network traffic patterns observed by TrustedSource ecosystem, for any IP address, domain, or URL can be checked from the TrustedSource.org portal site [1]

TrustedSource works by analyzing in real-time traffic patterns from email, web and network data flows from McAfee's global set of security appliances and hosted services, as well as those of partners like F5 Networks. Working off that data stream, it applies data mining and analysis techniques, such as Support Vector Machine, Random forest, and Term-Frequency Inverse-Document Frequency (TFIDF) classifiers [2] to determine the degree of maliciousness and security risk associated with each Internet identity, as well as perform content categorization.

The numeric scores that result from that analysis are then combined with local filtering policies of devices and services that utilize TrustedSource to make an accept/deny/traffic shape types of decisions on the network connections associated with those Internet identities.

Internet reputation systems like TrustedSource are useful to effectively block network-based attacks sent over email, web and other protocols[ citation needed ]. They benefit from the global sensor network reporting attack patterns in real-time and the intensive behavioral analysis is distributed across a world-wide network of systems instead of unnecessarily utilizing processing power of local security devices[ citation needed ]. Those systems have also been effective at tracking and monitoring botnets[ citation needed ], such as the infamous Storm worm. [3]

Related Research Articles

Computer worm standalone malware computer program that replicates itself in order to spread to other computers

A computer worm is a standalone malware computer program that replicates itself in order to spread to other computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer to access it. Worms almost always cause at least some harm to the network, even if only by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

Proxy server server that acts as an intermediate between a client and its destination server

In computer networking, a proxy server is a server application or appliance that acts as an intermediary for requests from clients seeking resources from servers that provide those resources. A proxy server thus functions on behalf of the client when requesting service, potentially masking the true origin of the request to the resource server.

Virtual private network Allows a private network to go through a public network

A virtual private network (VPN) extends a private network across a public network, and enables users to send and receive data across shared or public networks as if their computing devices were directly connected to the private network. Applications running on a computing device, e.g., a laptop, desktop, smartphone, across a VPN may therefore benefit from the functionality, security, and management of the private network. Encryption is a common, though not an inherent, part of a VPN connection.

CipherTrust was an anti-spam email software company based in Alpharetta, GA, although they had offices around the world. The company was co-founded by Jay Chaudhry and Lawrence Hughes. Chaudhry was CEO and Chairman of the Board of SecureIT until it was acquired by VeriSign in August 1998.

Internet security is a branch of computer security specifically related to not only Internet, often involving browser security and the World Wide Web, but also network security as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet. The Internet represents an insecure channel for exchanging information, which leads to a high risk of intrusion or fraud, such as phishing, online viruses, trojans, worms and more.

VoIP spam or SPIT is unsolicited, automatically dialed telephone calls, typically using voice over Internet Protocol (VoIP) technology.

Internet privacy right or mandate of personal privacy concerning the storing, repurposing, provision to third parties, and displaying of information pertaining to oneself via of the Internet; a subset of data privacy

Internet privacy involves the right or mandate of personal privacy concerning the storing, repurposing, provision to third parties, and displaying of information pertaining to oneself via the internet. Internet privacy is a subset of data privacy. Privacy concerns have been articulated from the beginnings of large-scale computer sharing.

Secure communication is when two entities are communicating and do not want a third party to listen in. For that they need to communicate in a way not susceptible to eavesdropping or interception. Secure communication includes means by which people can share information with varying degrees of certainty that third parties cannot intercept what was said. Other than spoken face-to-face communication with no possible eavesdropper, it is probably safe to say that no communication is guaranteed secure in this sense, although practical obstacles such as legislation, resources, technical issues, and the sheer volume of communication serve to limit surveillance.

Computer network collection of autonomous computers interconnected by a single technology

A computer network is a digital telecommunications network for sharing resources between nodes, which are computing devices that use a common telecommunications technology. Data transmission between nodes is supported over data links consisting of physical cable media, such as twisted pair or fibre-optic cables, or by wireless methods, such as Wi-Fi, microwave transmission, or free-space optical communication.

The X-Forwarded-For (XFF) HTTP header field is a common method for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer.

Secure Computing Corporation (SCC) was a public company that developed and sold computer security appliances and hosted services to protect users and data. McAfee acquired the company in 2008.

Bitdefender multinational cybersecurity technology company

Bitdefender is a Romanian cybersecurity and anti-virus software company. It was founded in 2001 by Florin Talpeș who is currently the CEO. Bitdefender develops and sells anti-virus software, internet security software, endpoint security software, and other cybersecurity products and services.

Zscaler is a global cloud-based information security company that provides Internet security, web security, firewalls, sandboxing, SSL inspection, antivirus, vulnerability management and granular control of user activity in cloud computing, mobile and Internet of things environments. As of 2015, Zscaler provides automated threat forensics and dynamic malware protection against advanced cyber threats, such as advanced persistent threats and spear phishing. It provides a cloud-based approach to security as a service. Zscaler was listed on the NASDAQ on 16 March 2018.

Network forensics

Network forensics is a sub-branch of digital forensics relating to the monitoring and analysis of computer network traffic for the purposes of information gathering, legal evidence, or intrusion detection. Unlike other areas of digital forensics, network investigations deal with volatile and dynamic information. Network traffic is transmitted and then lost, so network forensics is often a pro-active investigation.

Avaya Unified Communications Management in computer networking is the name of a collection of GUI software programs from Avaya utilizing a service-oriented architecture (SOA) that serves as a foundation for unifying configuration and monitoring of Avaya Unified Communications Servers and data systems.

Messaging Security is a program that provides protection for companies' messaging infrastructure. The programs includes IP reputation-based anti-spam, pattern-based anti-spam, administrator defined block/allow lists, mail antivirus, zero-hour malware detection and email intrusion prevention.

Mobile security, or more specifically mobile device security, has become increasingly important in mobile computing. Of particular concern is the security of personal and business information now stored on smartphones.

Cyber crime, or computer crime, refers to any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Netcrime refers, more precisely, to criminal exploitation of the Internet. Issues surrounding this type of crime have become high-profile, particularly those surrounding hacking, copyright infringement, identity theft, child pornography, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.

Deep content Inspection (DCI) is a form of network filtering that examines an entire file or MIME object as it passes an inspection point, searching for viruses, spam, data loss, key words or other content level criteria. Deep Content Inspection is considered the evolution of Deep Packet Inspection with the ability to look at what the actual content contains instead of focusing on individual or multiple packets. Deep Content Inspection allows services to keep track of content across multiple packets so that the signatures they may be searching for can cross packet boundaries and yet they will still be found. An exhaustive form of network traffic inspection in which Internet traffic is examined across all the seven OSI ISO layers, and most importantly, the application layer.

The following outline is provided as an overview of and topical guide to computer security:

References

  1. TrustedSource community portal
  2. Academic and industry papers published by McAfee Research on the algorithms behind TrustedSource
  3. TrustedSource Storm Worm Tracker