Sciweavers

DIMVA
2011

An Assessment of Overt Malicious Activity Manifest in Residential Networks

13 years 3 months ago
An Assessment of Overt Malicious Activity Manifest in Residential Networks
While conventional wisdom holds that residential users experience a high degree of compromise and infection, this presumption has seen little validation in the way of an in-depth study. In this paper we present a first step towards an assessment based on monitoring network activity (anonymized for user privacy) of 20,000 residential DSL customers in a European urban area, roughly 1,000 users of a community network in rural India, and several thousand dormitory users at a large US university. Our study focuses on security issues that overtly manifest in such data sets, such as scanning, spamming, payload signatures, and contact to botnet rendezvous points. We analyze the relationship between overt manifestations of such activity versus the “security hygiene” of the user populations (anti-virus and OS software updates) and potential risky behavior (accessing blacklisted URLs). We find that hygiene has little correlation with observed behavior, but risky behavior—which is quite pr...
Gregor Maier, Anja Feldmann, Vern Paxson, Robin So
Added 27 Aug 2011
Updated 27 Aug 2011
Type Journal
Year 2011
Where DIMVA
Authors Gregor Maier, Anja Feldmann, Vern Paxson, Robin Sommer, Matthias Vallentin
Comments (0)