5/17/2023 0 Comments Netcontrol torrent![]() ![]() We also find that malicious ASes as a whole differ from benign ones in other properties not obviously related to their malicious activities, such as more frequent connectivity changes with their BGP peers. Several ASes regularlymore » peer with ASes associated with significant malicious activity. Yet others account for large fractions of blacklisted IP addresses. We find that some ASes have over 80% of their routable IP address space blacklisted. We look for ISPs and ASes that exhibit disproportionately high malicious behavior using ten popular blacklists, plus local spam data, and extensive DNS resolutions based on the contents of the blacklists. In this paper, we explore whether some ASes indeed are safe havens for malicious activity. While many attacks are distributed across botnets, investigators and network operators have recently targeted malicious networks through high profile autonomous system (AS) de-peerings and network shut-downs. Overall, we conclude that examining malicious activity at the AS granularity can unearth networks with lax security or thosemore » that harbor cybercrime.« lessĪbnormally Malicious Autonomous Systems and their Internet Connectivity We find that some ASes have over 80% of their routable IP address space blacklisted and others account for large fractions of blacklisted IPs. We look for ISPs and ASes that exhibit disproportionately high malicious behavior using 12 popular blacklists. ![]() Malicious Hubs: Detecting Abnormally Malicious Autonomous SystemsĭOE Office of Scientific and Technical Information (OSTI.GOV) ![]()
0 Comments
Leave a Reply. |