Predicting future botnet addresses with uncleanliness

Authors: Michael Collins, Timothy J. Shimeall, Sidney Faber, Jeff Janies, Rhiannon Weaver

DOI: 10.21236/ADA633445

Abstract: The increased use of botnets as an attack tool and the awareness attackers have of blocking lists leads to the question of whether we can effectively predict future bot locations. To that end, we introduce a network quality that we term uncleanliness: an indicator of the propensity for hosts in a network to be compromised by outside parties. We hypothesize that unclean networks will demonstrate two properties: spatial and temporal uncleanliness. Spatial uncleanliness is the tendency for compromised hosts to cluster more densely within unclean networks. Temporal uncleanliness is the tendency for unclean networks to contain compromised hosts for extended periods. We test for these properties by collating data from multiple indicators (spamming, phishing, scanning and botnet IRC log monitoring). We demonstrate evidence for both spatial and temporal uncleanliness. We further show a cross-relationship between the various datasets, showing that botnet activity predicts spamming and scanning, while phishing activity appears to be unrelated to the other indicators.
