
Comments (6)

bslassey commented on June 4, 2024

I certainly agree that the solutions for DoS will most likely be different from the solutions for account takeover, which is effectively what I'm driving at here.

from draft-ip-address-privacy.

chris-wood commented on June 4, 2024

@bslassey is it also worth highlighting that the target of abuse may be different across scenarios? In the DoS case, the target is the service, whereas in the impersonation scenario, the target is (likely) an individual.


bslassey commented on June 4, 2024

Impersonation could also be attacking a service if for example the goal of the attacker is to steal the credentials of an admin. Are you thinking of a specific way that defining the goal of the attacker could be useful?


chris-wood commented on June 4, 2024

> Impersonation could also be attacking a service if for example the goal of the attacker is to steal the credentials of an admin.

True -- this one does cut both ways.

> Are you thinking of a specific way that defining the goal of the attacker could be useful?

Nothing specific beyond trying to highlight that alternate solutions to these problems might be distinct, even though they currently rely on the same mechanism (IP address). For example, one might just say "2FA everywhere!" (or whatever) as "the solution" to the impersonation case, whereas a solution to the DoS case might be totally different. 🤷‍♂️


sysrqb commented on June 4, 2024

In #11 we enumerated some common abuse patterns where IP addresses are used to find some signal in the noise. That only partially addressed the goal of this issue (as I understand it). #16 addresses the remainder, insofar as it applies specific "replacement signals" in an effort to discover abuse patterns when client IP addresses are not available.

One risk of this approach, where we evaluate each category of abuse in isolation, is that we potentially miss the forest for the trees. As an example (based on the current PR), if a server wants to detect and mitigate against both influence campaigns and financial fraud, then they may require a set of signals like: IS_HUMAN, REPUTATION, REIDENTIFICATION, SOURCE_ASN, and IDENTITY_TRANSPARENCY. Depending on some factors, this set of information could be at least as identifying as ADDRESS_ESCROW except without the escrow, but it may not be as obvious from the client's perspective. We need to be careful about the effect of combining signals.

For this issue, I believe we can close it when #16 is merged, but let me know if you think we're not addressing some aspect of this.

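
The point about combining signals can be made concrete by measuring it. The following is an added example, not code from the draft or from anyone in this thread: it takes four of the signal names listed in the comment above (IS_HUMAN, REPUTATION, SOURCE_ASN, IDENTITY_TRANSPARENCY), assigns each an assumed value domain, builds a constructed population of clients, and reports the joint Shannon entropy and the smallest anonymity set as signals are added one at a time. The value domains, the population, the ASNs (RFC 5398 documentation range) and all function names are assumptions made for this example; the draft defines none of them this way.

```python
"""Measure how much a growing set of abuse-detection signals identifies a client.

Constructed example: the signal names come from the issue discussion, but the
value domains and the population below are assumptions made for illustration,
not definitions from draft-ip-address-privacy.
"""
import math
from collections import Counter
from itertools import product

# Assumed value domains (not from the draft).
IS_HUMAN = (True, False)
REPUTATION = ("none", "low", "medium", "high")
SOURCE_ASN = ("AS64496", "AS64497")          # RFC 5398 documentation ASNs
IDENTITY_TRANSPARENCY = (True, False)

SIGNALS = ("is_human", "reputation", "source_asn", "identity_transparency")


def constructed_population():
    """Every combination of the assumed domains once: 32 distinct clients.

    Real populations are skewed (most clients are human, most traffic comes
    from a few ASNs), which lowers each marginal below its nominal bit count;
    the uniform case keeps the arithmetic checkable by hand."""
    return [
        dict(zip(SIGNALS, combo))
        for combo in product(IS_HUMAN, REPUTATION, SOURCE_ASN, IDENTITY_TRANSPARENCY)
    ]


def entropy_bits(population, keys):
    """Shannon entropy, in bits, of the joint distribution of `keys`."""
    counts = Counter(tuple(client[k] for k in keys) for client in population)
    n = len(population)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def smallest_anonymity_set(population, keys):
    """Size of the smallest group of clients sharing the same values for `keys`.

    A value of 1 means at least one client is singled out by that signal set."""
    counts = Counter(tuple(client[k] for k in keys) for client in population)
    return min(counts.values())


def identifiability_profile(population, keys):
    """Entropy and smallest anonymity set for each prefix of `keys`, so the
    effect of adding one more signal is visible step by step."""
    profile = []
    for i in range(1, len(keys) + 1):
        subset = tuple(keys[:i])
        profile.append(
            (subset, entropy_bits(population, subset), smallest_anonymity_set(population, subset))
        )
    return profile


def address_bits(population):
    """Bits carried by a signal that is unique per client in this population.

    This is the ceiling any signal set can reach, and what a client IP address
    carries when every client sits behind its own address."""
    return math.log2(len(population))


if __name__ == "__main__":
    clients = constructed_population()
    print(f"{len(clients)} clients; a unique-per-client address carries "
          f"{address_bits(clients):.2f} bits")
    for subset, bits, k in identifiability_profile(clients, SIGNALS):
        label = " + ".join(subset)
        print(f"{label:<60} {bits:5.2f} bits   smallest anonymity set = {k}")
```

In this constructed population no single signal carries more than 2 bits, yet the four together reach the same 5 bits as a unique address would, and the smallest anonymity set shrinks from 16 to 1. That is the "at least as identifying as ADDRESS_ESCROW" concern in numbers: the server never sees an address, but the combination singles out every client. The joint entropy is bounded above both by the sum of the marginals and by log2 of the population size, so the same calculation over real (skewed) data shows how close a proposed signal set comes to that ceiling.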

bslassey commented on June 4, 2024

> For this issue, I believe we can close it when #16 is merged, but let me know if you think we're not addressing some aspect of this.

Agreed.

