Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
INFOCOM
2010
IEEE
2010
IEEE
Predictive Blacklisting as an Implicit Recommendation System
A widely used defense practice against malicious traffic on the Internet is to maintain blacklists, i.e., lists of prolific attack sources that have generated malicious activity in the past and are considered likely to do so in the future. Traditional blacklisting techniques have typically focused on the prolific attack sources and, more recently, on collaborative blacklisting. In this paper, we study predictive blacklisting, i.e., the problem of forecasting attack sources based on past, shared attack logs, and we formulate it as an implicit recommendation system. Inspired by the recent Netflix competition, we propose a multilevel prediction model that is tailored specifically for the attack forecasting problem. Our model captures and combines various factors, namely: attacker-victim history (using time-series) and attackers and/or victims interactions (using neighborhood models). We evaluate our combined method on one-month of logs from Dshield.org and we demonstrate that it improves ...
Real-time TrafficRelated Content
| Added | 13 Feb 2011 |
| Updated | 13 Feb 2011 |
| Type | Journal |
| Year | 2010 |
| Where | INFOCOM |
| Authors | Fabio Soldo, Anh Le, Athina Markopoulou |
Comments (0)
Researcher Info
|
