Finding and Analyzing Evil Cities on the Internet

Abstract : IP Geolocation is used to determine the geographical location of Internet users based on their IP addresses. When it comes to security, most of the traditional geolocation analysis is performed at country level. Since countries usually have many cities/towns of different sizes, it is expected that they behave differently when performing malicious activities. Therefore, in this paper we refine geolocation analysis to the city level. The idea is to find the most dangerous cities on the Internet and observe how they behave. This information can then be used by security analysts to improve their methods and tools. To perform this analysis, we have obtained and evaluated data from a real-world honeypot network of 125 hosts and from production e-mail servers.
Type de document :
Communication dans un congrès
Isabelle Chrisment; Alva Couch; Rémi Badonnel; Martin Waldburger. 5th Autonomous Infrastructure, Management and Security (AIMS), Jun 2011, Nancy, France. Springer, Lecture Notes in Computer Science, LNCS-6734, pp.38-48, 2011, Managing the Dynamics of Networks and Services. 〈10.1007/978-3-642-21484-4_4〉
Liste complète des métadonnées

Littérature citée [10 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01585870
Contributeur : Hal Ifip <>
Soumis le : mardi 12 septembre 2017 - 10:19:41
Dernière modification le : mercredi 13 septembre 2017 - 01:07:35
Document(s) archivé(s) le : mercredi 13 décembre 2017 - 15:43:55

Fichier

978-3-642-21484-4_4_Chapter.pd...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Matthijs Polen, Giovane Moura, Aiko Pras. Finding and Analyzing Evil Cities on the Internet. Isabelle Chrisment; Alva Couch; Rémi Badonnel; Martin Waldburger. 5th Autonomous Infrastructure, Management and Security (AIMS), Jun 2011, Nancy, France. Springer, Lecture Notes in Computer Science, LNCS-6734, pp.38-48, 2011, Managing the Dynamics of Networks and Services. 〈10.1007/978-3-642-21484-4_4〉. 〈hal-01585870〉

Partager

Métriques

Consultations de la notice

198

Téléchargements de fichiers

17