Abstract
It’s known fact that malicious IP addresses are not evenly distributed over the IP addressing space. In this paper, we frame networks concentrating malicious addresses as bad neighborhoods. We propose a formal definition and show this concentration can be used to predict future attacks (new spamming sources, in our case), and propose an algorithm to aggregate individual IP addresses can bigger neighborhoods. Moreover, we show how bad neighborhoods are specific according to the exploited application (e.g., spam, ssh) and how the performance of different blacklist sources impacts lightweight spam filtering algorithms.
Original language | Undefined |
---|---|
Title of host publication | Proceedings of the IEEE/IFIP Network Operations and Management Symposium (NOMS 2014) |
Place of Publication | USA |
Publisher | IEEE |
Pages | 1-7 |
Number of pages | 7 |
ISBN (Print) | 978-1-4799-0913-1 |
DOIs | |
Publication status | Published - 5 May 2014 |
Event | 14th IEEE/IFIP Network Operations and Management Symposium, NOMS 2014 - Radisson Park Inn, Krakow, Poland Duration: 5 May 2014 → 9 May 2014 Conference number: 14 http://noms2014.ieee-noms.org/ |
Publication series
Name | |
---|---|
Publisher | IEEE Communications Society |
Conference
Conference | 14th IEEE/IFIP Network Operations and Management Symposium, NOMS 2014 |
---|---|
Abbreviated title | NOMS 2014 |
Country/Territory | Poland |
City | Krakow |
Period | 5/05/14 → 9/05/14 |
Internet address |
Keywords
- EWI-25864
- METIS-310013
- IR-95237