DocumentCode
1756226
Title
Bad neighborhoods on the internet
Author
Moura, Gabriel ; Sadre, Ramin ; Pras, Aiko
Author_Institution
Delft Univ. of Technol., Delft, Netherlands
Volume
52
Issue
7
fYear
2014
fDate
41821
Firstpage
132
Lastpage
139
Abstract
Analogous to the real world, sources of malicious activities on the Internet tend to be concentrated in certain networks instead of being evenly distributed. In this article we formally define and frame such areas as Internet Bad Neighborhoods. By extending the reputation of malicious IP addresses to their neighbors, the bad neighborhood approach ultimately enables attack prediction from unforeseen addresses. We investigate spam and phishing bad neighborhoods, and show how their underlying business models, counter-intuitively, influences the location of the neighborhoods (both geographically and in the IP addressing space). We also show how bad neighborhoods are highly concentrated at a few Internet Service Providers and discuss how our findings can be employed to improve current network and spam filters and incentivize botnet mitigation initiatives.
Keywords
Internet; computer network security; information filters; invasive software; unsolicited e-mail; Internet bad neighborhoods; attack prediction; botnet mitigation initiatives; malicious IP addresses; malicious activities; phishing; spam filters; Business; Computer security; Databases; IP networks; Internet; Unsolicited electronic mail;
fLanguage
English
Journal_Title
Communications Magazine, IEEE
Publisher
ieee
ISSN
0163-6804
Type
jour
DOI
10.1109/MCOM.2014.6852094
Filename
6852094
Link To Document