{"id":1845,"date":"2007-01-16T16:32:25","date_gmt":"2007-01-16T21:32:25","guid":{"rendered":"https:\/\/engineering.jhu.edu\/magazine-archive\/?p=1845"},"modified":"2014-12-16T16:34:56","modified_gmt":"2014-12-16T21:34:56","slug":"bot-busters","status":"publish","type":"post","link":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/","title":{"rendered":"Bot Busters"},"content":{"rendered":"
\"Left<\/a>
Left to right, Department of Computer Science \u201cBot Busters\u201d: Moheeb Rajab, graduate student; Andreas Terzis, assistant professor; and Fabian Monrose, assistant professor.<\/figcaption><\/figure>\n

In the dark world OF Internet FRAUD, a sinister new foe has emerged with the potential to wreak havoc . Can it be thwarted ? At the JOHNS HOPKINS university\u2019s Information Security Institute, an intrepid team of researchers is on the case.<\/strong><\/p>\n

In a quiet office tucked off a nondescript corridor on the Homewood campus, a small collection of aging computers is holding open house on an obscure corner of the Internet. Eighteen months ago, a couple of researchers at the Johns Hopkins University Information Security Institute put the machines there in a kind of a \u2018let\u2019s try it and see\u2019 experiment.<\/p>\n

\u201cWe were interested in \u2018malware,\u2019 which is the term used to describe the malicious software\u2014such as computer viruses and worms\u2014that circulates through the Internet,\u201d says co-principal investigator Fabian Monrose, assistant professor in the Whiting School\u2019s Department of Computer Science. \u201cWe wanted to try to assess the prevalence and identify the trends in this area.\u201d<\/p>\n

What they found sent shock waves of surprise across Hopkins\u2014and far beyond.<\/p>\n

The Hopkins Information Security Institute (which insiders abbreviate to JHUISI and pronounce \u201cjuicy\u201d) was established in 2000 to conduct research and train students in the complex technical, legal, ethical, and public policy issues of electronic privacy and computer security. Noting that \u201csecuring information is one of the fundamental challenges of the digital age,\u201d the institute\u2019s founding mission statement foresaw the need for advanced research into computer security.<\/p>\n

It was an idea exactly suited to its moment in history. JHUISI was born at a time when the Internet (according to the nonprofit Internet Systems Consortium) was just rounding 100 million \u201chosts\u201d \u2026 and heading for the stratosphere. The ISC arrives at this number, commonly used to measure the size of the Internet, by twice annually counting every Internet Protocol (IP) address\u2014a 32-bit number that can be thought of as each computer\u2019s unique \u201cstreet address\u201d on the Internet\u2014that has been assigned a name. In the six years since JHUISI was founded, according to ISC figures, the number of hosts has doubled, and doubled again, to approximately 400 million, with more than 100,000 new hosts appearing daily. Securing the information, ideas, and financial transactions that flow continuously across this vast protean landscape requires tremendous technological sophistication, and\u2014just as importantly say researchers\u2014a willingness to be surprised.<\/p>\n

\u201cBy observing the evolutionary changes across different generations of Internet worms, it became apparent to us that each generation became smarter \u2014THAT IS MORE VIRULENT AND MORE STEALTHY\u2014THAN THE PREVIOUS ONE.\u201d Andreas Terzis<\/cite><\/p><\/blockquote>\n

And surprised they were, when the motley collection of older computers and new machines running old versions of Windows operating software were put online. Each machine was assigned its own \u201cvirgin\u201d IP number, a never-before-assigned Internet address within the JHU IP address space. Some of the newer computers were configured to run two or more \u201cvirtual machines,\u201d each with its own IP address. In theory at least\u2014since none of these unique addresses had previously been assigned\u2014when connected to the Internet the machines should have sat quietly undisturbed, receiving only the occasional misdirected ping. Instead, they lit up like Christmas trees, responding immediately to a chatter of network inquiries asking who they were, and what they were doing, and\u2014most sinisterly\u2014whether the inquiring program could come in and play.<\/p>\n

To all such inquiries the machines answered, \u201cYes! C\u2019mon in!\u201d Monrose and coprincipal investigator Andreas Terzis deliberately placed machines running insecure versions of Windows XP (missing the later security patches released by Microsoft) to invite malware infection. Such machines are known as \u201choneypots\u201d since they are attractive lures for malicious computer software such as viruses and worms. A networked series of machines like the system Monrose and Terzis created is known as a \u201choneynet.\u201d<\/p>\n

\u201cThe idea is that you put vulnerable machines out there to act like flypaper and collect samples of what\u2019s floating around on the Web,\u201d Monrose says. Many people, even those who work in the information technology field, have little idea of the sheer quantity of nefarious activity taking place. \u201cWe can get 100,000 unsolicited probes in a 10-minute period,\u201d Monrose reports. According to research team member and graduate student Moheeb Rajab, it takes on average just five seconds for an unprotected machine in our network to get compromised.<\/p>\n

The statistics are sobering for anyone whose job it is to safeguard computer networks and electronic information. But for the Hopkins researchers the scope of the problem was not exactly surprising. \u201cWe started this line of research a little more than two years ago when we first analyzed the behavior of largescale worms such as Code-Red II and Nimda that made the headlines back in 2002 and 2003,\u201d says Terzis, an assistant professor in the Department of Computer Science. \u201cBy observing the evolutionary changes across different generations of Internet worms it became apparent to us that each generation became smarter\u2014 that is, more virulent and more stealthy\u2014 than the previous one. The idea was that by running such a honeynet, we would be able to directly observe the \u2018cutting edge\u2019 of malware technology.\u201d<\/p>\n

What most surprised Terzis and Monrose was not the scale of the attacks their honeynet was subject to but, rather, the kinds of software that were doing much of the attacking. Although the news media was full of stories about computer viruses and worms, the Hopkins team soon discovered that a third category of malware known as bots (a shorthand term for \u2018software robots\u2019) was rapidly becoming the most active\u2014 and probably the most dangerous\u2014malicious programs circulating on the Internet. In a paper describing their research just published in October, they estimate that almost a third of all malicious connection attempts made to their honeynet can be directly related to botnet-related spreading attempts, and that as many as one in 10 networks has at least one client involved in bot-related activity.<\/p>\n

Bots are software robots that run autonomously. Unlike computer worms, however, bots can also be controlled remotely by an operator, known as a botmaster, who links communities of compromised computers into a private community known as a botnet. Three characteristics define bots and botnets: They can be controlled remotely, they are able to implement multiple commands, and they contain an automatic spreading mechanism to distribute the program further and bring additional compromised machines into the botnet. \u201cIn the wild\u201d (as researchers refer to the Internet beyond the borders of their own machines), botnets have been observed ranging in size from just a few infected computers to several thousand machines.<\/p>\n

\"Jay<\/a>
Graduate student Jay Zarfoss (left) confers with Fabian Monrose.<\/figcaption><\/figure>\n

\u201cNo one really knows how prevalent this is, but research suggests there are hundreds of thousands of machines that have been infected,\u201d says Niels Provos, a security researcher at Google. \u201cIt used to be that a firewall kept you safe, but that is no longer the case. Once your computer has installed that software that connects back to the botmaster, your computer is owned. You\u2019ve got a zombie, but you most likely won\u2019t even know it.\u201d One of the initial uses of botnets was to launch dedicated denial-ofservice attacks. The botmasters attempted to monetize their holdings by threatening to blackmail websites with the threat of a DOS attack, often targeting some kinds of marginal but high cash online sites, such as pornography or gambling, that could be especially vulnerable since such sites are not eager to request help from law enforcement agencies. Provos notes that the focus of botnets seems to have shifted away from this approach in recent years: \u201cExtortion does not work very well in general because there is a money trail leading to you. Usually, the amounts are high enough to get the FBI interested. On the other hand, if you can do identity fraud and steal a thousand dollars here and there, that seems to stay below the radar.\u201d<\/p>\n

Once a vulnerability in a computer operating system\u2014and especially in Microsoft Windows\u2014becomes known, malicious programmers design bots that automatically go looking for vulnerable machines to exploit the weakness and capture control of the computer. \u201cWe can say with confidence that bots are one of the topmost threats to the Internet,\u201d says the Whiting School\u2019s Rajab. \u201cIt\u2019s easy to release these programs in the wild, and to date, there really are no solid countermeasures available.\u201d<\/p>\n

The Money Makes It Right<\/h5>\n

What makes bots especially dangerous, say researchers, is that they represent a whole new class of mischief on the Internet. In their article, Monrose, Terzis, Rajab, and fellow researcher and graduate student Jay Zarfoss note the ominous new direction that bots represent: \u201cWhile other classes of malware were mostly used to demonstrate technical prominence among hackers, botnets are predominantly used for illegal activities.\u201d<\/p>\n

Bots point to a new class of Internet criminals motivated to use their programming skills to make money. In April, 2006, USA Today reported on the case of Jeanson James Ancheta, a 19-year-old high school dropout whose botnet of thousands of compromised PCs enabled him to earn enough cash \u201cto drive a souped-up 1993 BMW and spend $600 a week on new clothes and car parts.\u201d According to court records, Ancheta signed up with Internet marketing companies to distribute ads on commission. But rather than following the legal procedure of establishing a website and asking visitors permission to install the ads, he used his botnet to covertly install adware on compromised computers. In six months Ancheta and a partner earned nearly $60,000 this way. In an online chat session Ancheta reportedly told his partner: \u201cIt\u2019s immoral, but the money makes it right.\u201d<\/p>\n

Ancheta\u2019s scheme was just one of the ways a botnet can be used to make money. Says Terzis, \u201cBotnets represent in many ways the \u2018cutting edge\u2019 of malware technology these days because they are used to generate revenue for those individuals who take control of unsuspecting users\u2019 desktops. Botnets are used to send spam e-mails, to host \u2018phishing\u2019 websites, for identity theft, as well for extortion of online businesses by launching denial-of-service attacks. The fact that botnets generate a revenue stream for the people who control them gives them all the motivation to make them more virulent (and thus infect more vulnerable machines), harder to detect, and harder to eradicate. Moreover, botnets form a Darwinian universe in which the most efficient botnet will exploit all the resources\u2014that is, all the vulnerable machines\u2014and become more powerful.\u201d<\/p>\n

Botmasters controlling a network of compromised PCs can use their captive machines (which are often referred to as \u201czombies\u201d) to engage in many different kinds of nefarious activities over periods of time. Some sell or rent their botnets to others to use, and currently, their chief clients are spammers, who send out the mass e-mails touting such things as pharmaceuticals or stocks that eventually find their way into almost every e-mail user\u2019s inbox.<\/p>\n

Previously, such mass e-mailing typically came from a single computer server, and so was relatively easy to block. But in October, the Internet security website SecurityFocus.com reported a sudden and dramatic increase in the global volume of spam, which by some counts has more than tripled in the past half year. Increasingly, said the online report, \u201cspam emanated from networks of compromised PCs, known as botnets.\u201d<\/p>\n

As the economic value of botnets increases, so does the sophistication of the bots and their botmasters. Some bots have been discovered that gain control of computers through a particular vulnerability but then, once in control, actually instruct the infected machine to go online to download the appropriate security patch to ensure other botmasters won\u2019t find and exploit the same weakness. In addition, some bots are designed to neutralize existing virus protection already loaded on the machine, altering programs so that the protective software will appear to be running\u2014and even retrieving periodic updates\u2014when it is in fact disabled.<\/p>\n

Armed with preliminary data showing the higher-than-expected prevalence of botnet attacks against university IP addresses, and with both direct and anecdotal evidence of the new sophistication and capability of the software robots and their masters, Monrose and Terzis made a special presentation to senior university leadership about the scale and danger of this new threat. \u201cThey were stunned,\u201d says JHUISI researcher Computer Science professor Avi Rubin, who sat in on the meeting. \u201cThey kept saying, \u2018Really?! Can they really do that?!\u2019 They had no idea of the extent of the problem.\u201d<\/p>\n

Johns Hopkins Chief Information Security Officer Darren Lacey says botnets have caught many systems administrators unaware. \u201cWhen we first started seeing bots three or four years ago we thought they were no more risk than worms or viruses,\u201d he says. \u201cBut we missed the boat; we\u2019re seeing many more compromised machines from bot attacks, and the damage they can do is potentially much greater.\u201d<\/p>\n

Both Lacey and Rubin think the research coming out of the Hopkins honeynet points the way to the future of computer security. \u201cI\u2019m a big fan of this research, because it\u2019s at the leading edge of the Internet,\u201d says Rubin. \u201cIt\u2019s definitely true that the stakes have suddenly gotten much higher.\u201d He sees a close parallel to his own work in analyzing the many documented shortcomings in touch screen electronic voting machines. He says in both instances, the degree of vulnerability correlates directly to the amount of motivation some people might have to compromise the integrity of a system. \u201cLook at how much people pay for campaign ads and ask yourself, \u2018What is at stake here?\u2019\u201d he says. \u201cConsider, for instance, a hypothetical defense contractor who might believe that contracts worth billions of dollars hang in the balance of an election. That\u2019s a huge amount of motivation for some people to try to win elections by tampering with the vote\u2014and computers can provide a uniquely untraceable way of doing that.\u201d<\/p>\n

In much the same way, the burgeoning world of e-commerce provides a tempting target for criminals hoping to shave off just a small fraction of the billions of dollars of transactions occurring there, or to try attacking a large and well-funded organization like Johns Hopkins, in hopes of skimming funds or valuable information from the nearly ubiquitous Internet connectivity across the institution.<\/p>\n

\u201cThe university\u2019s scarce and valuable resources are being consumed by our efforts to pre-empt strikes of this kind,\u201d says Johns Hopkins Chief Information Officer Stephanie Reel. \u201cThe bad guys are getting smarter and the challenges are getting tougher, and so these are resources we must deploy to protect ourselves. We\u2019re focused on this, but it\u2019s not an exact science, and we never get 100 percent ahead of the problems.\u201d<\/p>\n

A Wake-Up Call<\/h5>\n

While it is relatively easy to put a vulnerable machine out on the Internet and allow it to become infected with a bot, it is a much more difficult proposition to isolate, observe, and understand the malicious software in such a way that does not alert botmasters to the fact they are being observed, and at the same time does not allow the bots to further spread or carry out any nefarious activities.<\/p>\n

The research team at JHUISI took both factors into account when developing much of their data collection architecture. \u201cWe started with a general purpose collection system to see how well we could capture and isolate malware, but we soon had to create a whole new data collection infrastructure with several unique features,\u201d explains Rajab. \u201cWe capture and analyze malicious binaries using a separate system that just does this. The analysis phase is always done using a separate system, isolated from the Internet, because we have to make sure that the binaries we have captured are not allowed to participate in an organized attack or cause other problems. We think we have succeeded, but we continuously monitor any outbound activity to be sure we are not participating in any malfeasance.\u201d<\/p>\n

The Internet was designed and built with the assumption that everyone wo uld play fair. But clearly this is not the case. Gerald Masson<\/cite><\/p><\/blockquote>\n

\"Gerald<\/a>
Gerald Masson, director of Johns Hopkins University Information Security Institute<\/figcaption><\/figure>\n

The system enabled the researchers to collect about 3,000 distinct binaries over a threemonth period, according to Monrose, and track 192 unique botnets of size ranging from a few hundred to a few thousand infected endhosts. In addition, the team discovered evidence of botnet infections in 11 percent of the 800,000 domains they examined, indicating that the problem was commonplace among a large diversity of Internet hosts. \u201cAt this time most attacks are still fairly naive,\u201d Monrose says, meaning that a high percentage of botmasters are not exploiting their captured machines to the full extent of malicious activity possible. However, the motivation of money could easily turn many of the attackers into dangerous predators. \u201cThe majority of research in this field has always been reactive, focused on coming up with a defense strategy for a problem already under way,\u201d he says. \u201cIt\u2019s a problematic approach. We need to look at being proactive, and stop these attacks before they become profoundly disruptive.\u201d<\/p>\n

As research continues, Monrose and Terzis hope to better understand how most botmasters organize attacks and what vulnerabilities offer the greatest financial incentives to Internet criminals. \u201cI think their research has all the right components,\u201d says Gerald Masson, founding director of JHUISI and professor and former chair of the computer science department. \u201cIt\u2019s technically deep, requires rigorous background to understand the issues, and will have a significant public impact.\u201d He sees their work as a wake-up call for systems administrators and security specialists everywhere. \u201cAs a society we\u2019re led to believe that these problems are always the work of some 17-yearold hacker living on potato chips and Coke, but the reality is that there are some very smart and well-trained people involved in doing this.\u201d These new Internet criminals prey on the essential openness and freedom from scrutiny in their victims\u2019 social order. Observes Masson, \u201cThe Internet was designed and built with the assumption that everyone would play fair. But clearly this is not the case.\u201d<\/p>\n

JHUISI is uniquely suited to harness and transmit the cutting edge of information security research. It is the only institute in the Whiting School with an academic degree program, offering the Master of Science in Security Informatics, or MSSI degree, which features both rigorous technical training along with public policy, privacy law, and health management components. \u201cStudents take this education we provide and then go places we never could have predicted,\u201d Masson says. \u201cThe breadth of activities at Johns Hopkins is collectively harnessed to create compelling academic offerings with a superb research program. In a way, we are providing the infrastructure for the future of computer security.\u201d<\/p>\n

The first MSSI degrees were awarded in 2002 to three students. Now the institute typically has 40 to 45 students who spend two, three, or even four semesters in the program. Recently, JHUISI began offering a dual master\u2019s program with the Bloomberg School of Public Health, and is also working with undergraduates in a concurrent bachelor\u2019s\/master\u2019s program that students join in their junior year, completing both degrees in five years, with an undergraduate degree in computer science or applied math, and the MSSI degree. Currently, about a dozen students are enrolled in the joint undergraduate\/ graduate degree program.<\/p>\n

As information security evolves, JHUISI is recognized as one of just a few national centers doing the research and training of the next generation of leaders that will define the field in years to come.<\/p>\n

Best Advice: Clean Living<\/h5>\n

\u201cFor the most part, preventing botnet infection is about having a healthy lifestyle\u2014 don\u2019t visit \u2018iffy\u2019 websites, be very careful of the attachments you accept, and keep your patches and anti-virus protection updated,\u201d says Andreas Terzis. \u201cThere are remedies. One study showed that if you are running, for example, Norton antivirus software, and keeping it updated, then your computer would catch about 95 percent of the botnets we found.\u201d<\/p>\n

The problem is, surveys find time and again, that most computer users are not doing these things, and that even many systems administrators often fail to keep current with the patches and updates necessary to fully protect their network. And that is a problem that remains to be solved.<\/p>\n

\u201cInternet safety is evolving. Users want to do their jobs, so design has to be simple,\u201d Terzis says. \u201cThere is no magic bullet. You can\u2019t say we are going to do \u2018X\u2019 and this will solve the problem. It\u2019s going to be a combination of things, an evolving set of techniques. The opposition is highly motivated to make money. For us, the mentality is not trying to react to what happened yesterday, but trying to design for tomorrow\u2019s attacks. That\u2019s our motivation.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"

In the dark world OF Internet FRAUD, a sinister new foe has emerged with the potential to wreak havoc . Can it be thwarted ? At the JOHNS HOPKINS university\u2019s Information Security Institute, an intrepid team of researchers is on the case. In a quiet office tucked off a nondescript corridor on the Homewood campus,…<\/p>\n","protected":false},"author":4,"featured_media":1846,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[28],"tags":[],"class_list":["post-1845","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-features","issue-winter-2007"],"acf":[],"yoast_head":"\nBot Busters - JHU Engineering Magazine<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Bot Busters - JHU Engineering Magazine\" \/>\n<meta property=\"og:description\" content=\"In the dark world OF Internet FRAUD, a sinister new foe has emerged with the potential to wreak havoc . Can it be thwarted ? At the JOHNS HOPKINS university\u2019s Information Security Institute, an intrepid team of researchers is on the case. In a quiet office tucked off a nondescript corridor on the Homewood campus,...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/\" \/>\n<meta property=\"og:site_name\" content=\"JHU Engineering Magazine\" \/>\n<meta property=\"article:published_time\" content=\"2007-01-16T21:32:25+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2014-12-16T21:34:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-content\/uploads\/2014\/07\/winter2007031.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"948\" \/>\n\t<meta property=\"og:image:height\" content=\"561\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Abby Lattes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Abby Lattes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"17 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"NewsArticle\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2007\\\/01\\\/bot-busters\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2007\\\/01\\\/bot-busters\\\/\"},\"author\":{\"name\":\"Abby Lattes\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/#\\\/schema\\\/person\\\/0244393be370fbc3ead8ec26062e9742\"},\"headline\":\"Bot Busters\",\"datePublished\":\"2007-01-16T21:32:25+00:00\",\"dateModified\":\"2014-12-16T21:34:56+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2007\\\/01\\\/bot-busters\\\/\"},\"wordCount\":3496,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2007\\\/01\\\/bot-busters\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/wp-content\\\/uploads\\\/2014\\\/07\\\/winter2007031.jpg\",\"articleSection\":[\"Features\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2007\\\/01\\\/bot-busters\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2007\\\/01\\\/bot-busters\\\/\",\"url\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2007\\\/01\\\/bot-busters\\\/\",\"name\":\"Bot Busters - JHU Engineering Magazine\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2007\\\/01\\\/bot-busters\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2007\\\/01\\\/bot-busters\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/wp-content\\\/uploads\\\/2014\\\/07\\\/winter2007031.jpg\",\"datePublished\":\"2007-01-16T21:32:25+00:00\",\"dateModified\":\"2014-12-16T21:34:56+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/#\\\/schema\\\/person\\\/0244393be370fbc3ead8ec26062e9742\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2007\\\/01\\\/bot-busters\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2007\\\/01\\\/bot-busters\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2007\\\/01\\\/bot-busters\\\/#primaryimage\",\"url\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/wp-content\\\/uploads\\\/2014\\\/07\\\/winter2007031.jpg\",\"contentUrl\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/wp-content\\\/uploads\\\/2014\\\/07\\\/winter2007031.jpg\",\"width\":948,\"height\":561,\"caption\":\"Left to right, Department of Computer Science \u201cBot Busters\u201d: Moheeb Rajab, graduate student; Andreas Terzis, assistant professor; and Fabian Monrose, assistant professor.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/2007\\\/01\\\/bot-busters\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Bot Busters\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/#website\",\"url\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/\",\"name\":\"JHU Engineering Magazine\",\"description\":\"\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/engineering.jhu.edu\\\/magazine-archive\\\/#\\\/schema\\\/person\\\/0244393be370fbc3ead8ec26062e9742\",\"name\":\"Abby Lattes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c56cb7af5427f847aa288542444ba9ff3d2107bf85dc6c6d44a4d1315608258d?s=96&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c56cb7af5427f847aa288542444ba9ff3d2107bf85dc6c6d44a4d1315608258d?s=96&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/c56cb7af5427f847aa288542444ba9ff3d2107bf85dc6c6d44a4d1315608258d?s=96&r=g\",\"caption\":\"Abby Lattes\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Bot Busters - JHU Engineering Magazine","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/","og_locale":"en_US","og_type":"article","og_title":"Bot Busters - JHU Engineering Magazine","og_description":"In the dark world OF Internet FRAUD, a sinister new foe has emerged with the potential to wreak havoc . Can it be thwarted ? At the JOHNS HOPKINS university\u2019s Information Security Institute, an intrepid team of researchers is on the case. In a quiet office tucked off a nondescript corridor on the Homewood campus,...","og_url":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/","og_site_name":"JHU Engineering Magazine","article_published_time":"2007-01-16T21:32:25+00:00","article_modified_time":"2014-12-16T21:34:56+00:00","og_image":[{"width":948,"height":561,"url":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-content\/uploads\/2014\/07\/winter2007031.jpg","type":"image\/jpeg"}],"author":"Abby Lattes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Abby Lattes","Est. reading time":"17 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"NewsArticle","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/#article","isPartOf":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/"},"author":{"name":"Abby Lattes","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/#\/schema\/person\/0244393be370fbc3ead8ec26062e9742"},"headline":"Bot Busters","datePublished":"2007-01-16T21:32:25+00:00","dateModified":"2014-12-16T21:34:56+00:00","mainEntityOfPage":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/"},"wordCount":3496,"commentCount":0,"image":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/#primaryimage"},"thumbnailUrl":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-content\/uploads\/2014\/07\/winter2007031.jpg","articleSection":["Features"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/","url":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/","name":"Bot Busters - JHU Engineering Magazine","isPartOf":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/#website"},"primaryImageOfPage":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/#primaryimage"},"image":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/#primaryimage"},"thumbnailUrl":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-content\/uploads\/2014\/07\/winter2007031.jpg","datePublished":"2007-01-16T21:32:25+00:00","dateModified":"2014-12-16T21:34:56+00:00","author":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/#\/schema\/person\/0244393be370fbc3ead8ec26062e9742"},"breadcrumb":{"@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/#primaryimage","url":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-content\/uploads\/2014\/07\/winter2007031.jpg","contentUrl":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-content\/uploads\/2014\/07\/winter2007031.jpg","width":948,"height":561,"caption":"Left to right, Department of Computer Science \u201cBot Busters\u201d: Moheeb Rajab, graduate student; Andreas Terzis, assistant professor; and Fabian Monrose, assistant professor."},{"@type":"BreadcrumbList","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/2007\/01\/bot-busters\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/engineering.jhu.edu\/magazine-archive\/"},{"@type":"ListItem","position":2,"name":"Bot Busters"}]},{"@type":"WebSite","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/#website","url":"https:\/\/engineering.jhu.edu\/magazine-archive\/","name":"JHU Engineering Magazine","description":"","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/engineering.jhu.edu\/magazine-archive\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/engineering.jhu.edu\/magazine-archive\/#\/schema\/person\/0244393be370fbc3ead8ec26062e9742","name":"Abby Lattes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/c56cb7af5427f847aa288542444ba9ff3d2107bf85dc6c6d44a4d1315608258d?s=96&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/c56cb7af5427f847aa288542444ba9ff3d2107bf85dc6c6d44a4d1315608258d?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c56cb7af5427f847aa288542444ba9ff3d2107bf85dc6c6d44a4d1315608258d?s=96&r=g","caption":"Abby Lattes"}}]}},"_links":{"self":[{"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/posts\/1845","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/comments?post=1845"}],"version-history":[{"count":2,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/posts\/1845\/revisions"}],"predecessor-version":[{"id":2851,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/posts\/1845\/revisions\/2851"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/media\/1846"}],"wp:attachment":[{"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/media?parent=1845"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/categories?post=1845"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/engineering.jhu.edu\/magazine-archive\/wp-json\/wp\/v2\/tags?post=1845"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}