ISP security performance and the cost of botnet mitigation
As mentioned briefly in a post last Friday, our recently completed study on ISP botnet mitigation showed that between 5 to 10 percent of all broadband subscribers in the Netherlands had their machines recruited into a botnet at some point in 2009. This week we offer a little closer look at that finding, which is conservatively based on the unique IP sources present in three distinct datasets of malicious network hosts: a large spam trap, the DShield distributed intrusion detection system, and Conficker sinkholes. Our results indicate that, from an economic perspective, the use of automation in botnet mitigation has an interesting effect on the incentives of ISPs. Read on to find out more and download the report.