Highly Predictive Blacklisting

14 years 1 months ago

Download www.cyber-ta.org

The notion of blacklisting communication sources has been a well-established defensive measure since the origins of the Internet community. In particular, the practice of compiling and sharing lists of the worst offenders of unwanted traffic is a blacklisting strategy that has remained virtually unquestioned over many years. But do the individuals who incorporate such blacklists into their perimeter defenses benefit from the blacklisting contents as much as they could from other list-generation strategies? In this paper, we will argue that there exist better alternative blacklist generation strategies that can produce higher-quality results for an individual network. In particular, we introduce a blacklisting system based on a relevance ranking scheme borrowed from the link-analysis community. The system produces customized blacklists for individuals who choose to contribute data to a centralized log-sharing infrastructure. The ranking scheme measures how closely related an attack sou...

Jian Zhang, Phillip A. Porras, Johannes Ullrich

Real-time Traffic

Blacklisting | Operating System | Ranking Scheme | Relevance Ranking Scheme | USS 2008 |

claim paper

Post Info
More Details (n/a)

Added	02 Oct 2010
Updated	02 Oct 2010
Type	Conference
Year	2008
Where	USS
Authors	Jian Zhang, Phillip A. Porras, Johannes Ullrich

Comments (0)

Sciweavers

Highly Predictive Blacklisting

Blacklisting | Operating System | Ranking Scheme | Relevance Ranking Scheme | USS 2008 |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers