Quantifying the Impact of Blocklisting in the Age of Address Reuse

Authors: Sivaramakrishnan Ramanathan, Anushah Hossain, Jelena Mirkovic, Minlan Yu, Sadia Afroz

DOI: 10.1145/3419394.3423657

Abstract: Blocklists, consisting of known malicious IP addresses, can be used as a simple method to block traffic. However, blocklists can potentially lead to unjust blocking of legitimate users due to address reuse, where more users could be blocked than intended. Addresses can be reused either at the same time (Network Address Translation) or over time (dynamic addressing). We propose two new techniques to identify reused addresses. We built a crawler using the BitTorrent Distributed Hash Table to detect NATed addresses and use RIPE Atlas measurement logs to detect dynamically allocated address spaces. We then analyze 151 publicly available IPv4 blocklists to show the implications of reused addresses and find that 53-60% of blocklists contain reused addresses, having about 30.6K-45.1K listings of reused addresses. We also find that reused addresses can affect as many as 78 users for as many as 44 days.
