Internet Bad Neighborhoods Aggregation


Moura, Giovane C.M. and Sadre, Ramin and Sperotto, Anna and Pras, Aiko (2012) Internet Bad Neighborhoods Aggregation. In: IEEE/IFIP Network Operations and Management Symposium, NOMS 2012, 16-20 April 2012, Maui, Hawaii, USA.

[img] PDF
Restricted to UT campus only
: Request a copy
Abstract:Internet Bad Neighborhoods have proven to be an innovative approach for fighting spam. They have also helped to understand how spammers are distributed on the Internet. In our previous works, the size of each bad neighborhood was fixed to a /24 subnetwork. In this paper, however, we investigate if it is feasible to aggregate Internet bad neighborhoods not only at /24, but to any network prefix. To do that, we propose two different aggregation strategies: fixed prefix and variable prefix. The motivation for doing that is to reduce the number of entries in the bad neighborhood list, thus reducing memory storage requirements for intrusion detection solutions. We also introduce two error measures that allow to quantify how much error was incurred by the aggregation process. An evaluation of both strategies was conducted by analyzing real world data in our aggregation prototype.
Item Type:Conference or Workshop Item
Copyright:© 2011 IEEE
Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item:
Export this item as:BibTeX
HTML Citation
Reference Manager


Repository Staff Only: item control page

Metis ID: 284989