ASMATRA: Rankin g ASs Providing Transit Service to Malware Hosters

Abstract : The Internet has grown into an enormous network offering a variety of services, which are spread over a multitude of domains. BGP-routing and Autonomous Systems (AS) are the key components for maintaining high connectivity in the Internet. Unfortunately, Internet Service Providers (ISPs) operating ASs do not only host normal users and content, but also malicious content used by attackers for spreading malware, hosting phishing web-sites or performing any kind of fraudulent activity. Practical analysis shows that such malware-providing ASs prevent themselves from being de-peered by hiding behind other ASs, which do not host the malware themselves but simply provide transit service for malware. This paper presents a new method for detecting ASs that provide transit service for malware hosters, without being malicious themselves. A formal definition of the problem and the metrics are determined by using the AS graph. The PageRank algorithm is applied to improve the scalability and the completeness of the approach. The method is assessed on real and publicly available datasets, showing promising results.
Type de document :
Communication dans un congrès
International Symposium on Integrated Network Management, May 2013, Ghent, Belgium. IEEE, 2013, Proceedings of the 13th IFIP/IEEE International Symposium on Integrated Network Management
Liste complète des métadonnées

Littérature citée [24 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-00846082
Contributeur : Jérôme François <>
Soumis le : jeudi 18 juillet 2013 - 14:59:25
Dernière modification le : jeudi 18 juillet 2013 - 17:23:27
Document(s) archivé(s) le : lundi 21 octobre 2013 - 09:46:26

Fichier

im_cr_final.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : hal-00846082, version 1

Collections

Citation

Cynthia Wagner, Jérôme François, Radu State, Alexandre Dulaunoy, Thomas Engel, et al.. ASMATRA: Rankin g ASs Providing Transit Service to Malware Hosters. International Symposium on Integrated Network Management, May 2013, Ghent, Belgium. IEEE, 2013, Proceedings of the 13th IFIP/IEEE International Symposium on Integrated Network Management. 〈hal-00846082〉

Partager

Métriques

Consultations de la notice

296

Téléchargements de fichiers

137