• DocumentCode
    1756226
  • Title

    Bad neighborhoods on the internet

  • Author

    Moura, Gabriel ; Sadre, Ramin ; Pras, Aiko

  • Author_Institution
    Delft Univ. of Technol., Delft, Netherlands
  • Volume
    52
  • Issue
    7
  • fYear
    2014
  • fDate
    41821
  • Firstpage
    132
  • Lastpage
    139
  • Abstract
    Analogous to the real world, sources of malicious activities on the Internet tend to be concentrated in certain networks instead of being evenly distributed. In this article we formally define and frame such areas as Internet Bad Neighborhoods. By extending the reputation of malicious IP addresses to their neighbors, the bad neighborhood approach ultimately enables attack prediction from unforeseen addresses. We investigate spam and phishing bad neighborhoods, and show how their underlying business models, counter-intuitively, influences the location of the neighborhoods (both geographically and in the IP addressing space). We also show how bad neighborhoods are highly concentrated at a few Internet Service Providers and discuss how our findings can be employed to improve current network and spam filters and incentivize botnet mitigation initiatives.
  • Keywords
    Internet; computer network security; information filters; invasive software; unsolicited e-mail; Internet bad neighborhoods; attack prediction; botnet mitigation initiatives; malicious IP addresses; malicious activities; phishing; spam filters; Business; Computer security; Databases; IP networks; Internet; Unsolicited electronic mail;
  • fLanguage
    English
  • Journal_Title
    Communications Magazine, IEEE
  • Publisher
    ieee
  • ISSN
    0163-6804
  • Type

    jour

  • DOI
    10.1109/MCOM.2014.6852094
  • Filename
    6852094