This project seeks to understand and analyze the global demography of cybersecurity threats and solutions. It is structured as a population study, in three majors parts. First, a real time monitoring infrastructure captures a new dataset on the population characteristics of malicious software, and of security tools, as they are actually found across the world. The monitoring infrastructure can compile frequent statistical estimates of the prevalence of various identified software programs, both malicious and protective, at an identified set of online sites, in a manner that does not compromise the privacy of end users. Second, the data is analyzed for insight to drive enhancements in cybersecurity. For example, analyses can look for correlations between malware prevalence and other factors such as site characteristics and the use of protective software, controlling for various factors. Third, the data set is to be published online in both raw and processed forms, to allow further research across computer security and a range of other fields, while at the same time educating the public at large about cybersecurity threats.
CT-ISG: Population Studies in Computer Security via DNS Monitoring