Kindsight perfecting Intrustion Detection System for home PC users
Posted on | August 27, 2010 | 1 comment
Security start-up Kindsight is in the late stages of bringing to market a breakthrough tool that could, if it catches on, establish a new paradigm for protecting consumers’ PCs.
Consider that iTune hijackers and online banking cyberrobbers both rely on a ready supply of illicitly-obtained usernames and passwords to log into your various Internet accounts.
They typically obtain your account credentials from phishers, who direct you to faked web sites, where they dupe you into typing your account logons; or from data thieves, who infest the web with tainted web links, spring-loaded to install keystroke loggers and other malicious programs on your harddrive.
Traditional antivirus protection works by watching for and blocking known phishing websites and malicious downloads. But the bad guys slightly alter their attacks moment- to-moment, invariably staying a step ahead.
Novel approach: consumer-focused IDS
CEO Gassewitz
Now along comes Kindsight with a novel new approach — monitoring the traffic emanating from your machine for any signs of infection. More on this shortly.
Kindsight is a distinctive security startup. It’s funding and founding executives come from telecom equipment maker Alcatel-Lucent, home of the renowned Bell Labs.
Since 2008, Kindsight has been working feverishly to develop an Intrusion Detection System service for consumers. IDS has been around for about a decade, used mostly by banks and government agencies to detect and block malicious Internet traffic hitting their networks. Back in 2004, I wrote this story about a smaller ISP, Cable Bahamas, that took a progressive approach by setting up an IDS system earmarked to protect it’s home subscribers.
Back then, TippingPoint, and other heavyweight IDS suppliers projected a huge future in getting ISPs to fold IDS into their consumer services. But it never happened.
Since then, the threat landscape certainly has intensified – to the point where Kindsight’s new approach has compelling merit. Consumers and small business owners finally are beginning to gain a deeper appreciation about how risky the Internet has become.
Consumer consternation rising
Kindsight recently surveyed 1,200 consumers, aged 18 to 55, and found 81 percent of respondents had experienced a computer infections, including 29 percent having been infected by a virus in the last three months. Only 59 percent of respondents updated their antivirus software and only 53 percent enabled a firewall on their home router and/or computers.
Additional survey findings:
- 34 percent identified a phishing attack intended to steal personal information as one of their top two concerns
- 29 percent identified Trojan viruses that hijack their computers for the distribution of spam, infections, or child pornography to other computers and users as one of their top two concerns
- 25 percent were concerned with having their computer’s performance compromised by viruses
- 14 percent were concerned about viruses corrupting their personal photos, videos and other memories
“The results of our survey shed light on the public’s concerns toward ID theft and online protection,†says Kindsight CEO Mike Gassewitz. “In recent years, online hackers have advanced to a new class of sophisticated cyber criminals. Methodical in planning their attacks to make them more lucrative, these criminals are skilled at identifying potential security holes in a consumer’s home network.”
PC smoke detector
Kindsight wants to deliver IDS technology to consumers — and flip it around so that it detects any malicious traffic emitting from a consumer’s infected PC. That’s a sure sign that your PC is a bot, controlled by an intruder who’s stealing your data, hacking into your accounts and using your PC to spread more attacks.
“We’re like a smoke detector,” says Gassewitz. “When we see something, we’ll trigger an alert and remediate.”
Kindsight is working with major ISPs to deliver this service at nominal cost to consumers. The technology would run as part of the ISP’s infracture, so there’s no need to install a performance-zapping client on the consumer’s PC.
Upon detecting a PC reaching out to a known phishing web site, or communicating with a known botnet command-and-control server, Kindsight issues an alert to the consumer. This is accomplished via an interstitial browser page — if the ISP has that capability — or via a phone text message.
The user would then navigate to his or her Kindsight account in the Internet cloud and run a clean up tool.
Advertising-supported protection
Subscribers would pay around $4 a month. Alternatively, they could get the service free, if they agree to let Kindsight do some limited tracking of their web habits in support of a separate behavior-targeting advertising service.
Users of the free, ad-supported service probably wouldn’t notice much, says Gassewitz. Display ads customized to their profile would simply appear the next time they surf to a major portal or media site that has a business relationship with Kindsight.
“Generally speaking, the concept is similar to Google tracking what you do online,” says Gassewitz. “From a privacy perspective, we’ve set a much higher standard than Google. First, we get your consent to do the monitoring. And we make it abundantly clear specifically what you’re signing up for. It’s completely opt-in.”
Gassewitz concedes that it will be a challenge to convey the power of this new approach both to ISPs, not to mention consumers. He says Alcatel-Lucent has been very supportive — and patient. “They see the opportunity and they understand that the adaption cycle for a new type of service requires patience and stamina,” Gassewitz says.
By Byron Acohido
We’re tring to take ethe google model…..and the app were trying to delver is network based app, and network based security…we believe were one of the pioneers…..
Alcatel lucent ver supportive…they see the opportunity…they understand the biz cyble…the new service adaption cycle…in terms of having the patiences and stamina…VC don’t have patience…im not
Comments
1 Comment »
RSS feed for comments on this post.
There are some solid open source IDS already there that can do much better job for you, why you have to pay to using his stupid service.
This guy is craze, he knew “will be a challenge to convey the power of this new approach both to ISPs, not to mention consumers. ” but still can cheat the investors to invest this crappy ideas.
Comment by Smokegun — 11/7/2010 @ 12:39 am