On the potential of proactive domain blacklisting

Authors: Mark Felegyhazi, Vern Paxson, Christian Kreibich

Abstract: In this paper we explore the potential of leveraging properties inherent to domain registrations and their appearance in DNS zone files to predict the malicious use of domains proactively, using only minimal observation of known-bad domains to drive our inference. Our analysis demonstrates that our inference procedure derives on average 3.5 to 15 new domains from a given known-bad domain. 93% of these inferred domains subsequently appear suspect (based on third-party assessments), and nearly 73% eventually appear on blacklists themselves. For these latter, proactively blocking based on our predictions provides a median headstart of about 2 days versus using a reactive blacklist, though this gain varies widely for different domains.
