Internet Bad Neighborhoods Aggregation


Share/Save/Bookmark

Moura, Giovane C.M. and Sadre, Ramin and Sperotto, Anna and Pras, Aiko (2012) Internet Bad Neighborhoods Aggregation. In: IEEE/IFIP Network Operations and Management Symposium, NOMS 2012, 16-20 April 2012, Maui, Hawaii, USA.

[img] PDF
Restricted to UT campus only
: Request a copy
215kB
Abstract:Internet Bad Neighborhoods have proven to be an innovative approach for fighting spam. They have also helped to understand how spammers are distributed on the Internet. In our previous works, the size of each bad neighborhood was fixed to a /24 subnetwork. In this paper, however, we investigate if it is feasible to aggregate Internet bad neighborhoods not only at /24, but to any network prefix. To do that, we propose two different aggregation strategies: fixed prefix and variable prefix. The motivation for doing that is to reduce the number of entries in the bad neighborhood list, thus reducing memory storage requirements for intrusion detection solutions. We also introduce two error measures that allow to quantify how much error was incurred by the aggregation process. An evaluation of both strategies was conducted by analyzing real world data in our aggregation prototype.
Item Type:Conference or Workshop Item
Copyright:© 2011 IEEE
Faculty:
Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item:http://purl.utwente.nl/publications/79352
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page

Metis ID: 284989