| Autor: |
Moreira Moura, G.C., Sadre, R., Pras, A. |
| Jazyk: |
angličtina |
| Rok vydání: |
2014 |
| Předmět: |
|
| Zdroj: |
IEEE/IFIP NOMS 2014: Network Operations and Management Symposium "Management in a Software Defined World", Krakow, Poland, 5-9 May 2014; pre |
| Popis: |
It's known fact that malicious IP addresses are not evenly distributed over the IP addressing space. In this paper, we frame networks concentrating malicious addresses as bad neighborhoods. We propose a formal definition and show this concentration can be used to predict future attacks (new spamming sources, in our case), and propose an algorithm to aggregate individual IP addresses can bigger neighborhoods. Moreover, we show how bad neighborhoods are specific according to the exploited application (e.g., spam, ssh) and how the performance of different blacklist sources impacts lightweight spam filtering algorithms. |
| Databáze: |
OpenAIRE |
| Externí odkaz: |
|
