Assessing Internet-wide Cyber Situational Awareness of Critical Sectors

Authors: Martin Husák, Nataliia Neshenko, Morteza Safaei Pour, Elias Bou-Harb, Pavel Čeleda

DOI: 10.1145/3230833.3230837

Abstract: In this short paper, we take a first step towards empirically assessing Internet-wide malicious activities generated from and targeted towards Internet-scale business sectors (i.e., financial, health, education, etc.) and critical infrastructure (i.e., utilities, manufacturing, government, etc.). Facilitated by an innovative and collaborative large-scale effort, we have conducted discussions with numerous Internet entities to obtain rare and private information related to allocated IP blocks pertaining to the aforementioned sectors and critical infrastructure. To this end, we employ such information to attribute Internet-scale maliciousness to such sectors and realms, in an attempt to provide an in-depth analysis of the global cyber situational posture. We draw upon close to 16.8 TB of darknet data to infer probing activities (typically generated by malicious/infected hosts) and DDoS backscatter, from which we distill IP addresses of victims. By executing week-long measurements, we observed an alarming number of more than 11,000 probing machines and 300 DDoS attack victims hosted by critical sectors. We also generate rare insights related to the maliciousness of various business sectors, including financial, which typically do not report their hosted and targeted illicit activities for reputation-preservation purposes. While we treat the obtained results with strict confidence due to obvious sensitivity reasons, we postulate that such generated cyber threat intelligence could be shared with sector/critical infrastructure operators, backbone networks and Internet service providers to contribute to the overall threat remediation objective.
