Today’s Internet contains a large portion of “dynamic ” IP ad-dresses, which are assigned to clients upon request. A signif-icant amount of malicious activities have been reported from dynamic IP space, such as spamming, botnets, etc.. Accurate identification of dynamic IP addresses will help build black-lists of suspicious hosts with more confidence, and help track the sources of different types of anomalous activities. In this paper, we contrast traffic activity patterns between static and dynamic IP addresses in a large campus network, as well as their activity patterns when countering outside scanning traffic. Based on the distinct characteristics observed, we propose a scanning-based technique for identifying dynamic IP addresses in bl...
It is well known that intrusion detection systems can make smarter decisions if the context of the t...
On the Internet and other IP networks, the Domain Name System (DNS) is used to identify machines. Re...
On the Internet and other IP networks, the Domain Name System (DNS) is used to identify machines. Re...
Many cyberattacks are conducted using malware-infected hosts. Most of such malware-infected hosts co...
Today’s evolving networks are experiencing a large number of different attacks ranging from system b...
Campus or enterprise networks often have many unassigned IP addresses that collectively form IP gray...
<p>Internet-based services routinely contend with a range of malicious activity (e.g., spam, scans, ...
Port scan correlation aims to differentiate between benign and malicious scans. In this paper we wil...
This thesis seeks to use knowledge of Internet addressing to improve Internet security. Its goal is ...
Abstract—This paper considers the global IP-usage patterns exhibited by different types of malicious...
In this paper, we present novel and practical techniques to accurately detect IP prefix hijacking at...
After many research efforts, Network Intrusion Detection Systems still have much room for improvemen...
In this dissertation, we evaluate the potential of unsolicited Internet traffic, called Internet Bac...
Abstract—Malware is a major threat to security and privacy of network users. A huge variety of malwa...
One challenge in understanding the evolution of Internet in-frastructure is the lack of systematic m...
It is well known that intrusion detection systems can make smarter decisions if the context of the t...
On the Internet and other IP networks, the Domain Name System (DNS) is used to identify machines. Re...
On the Internet and other IP networks, the Domain Name System (DNS) is used to identify machines. Re...
Many cyberattacks are conducted using malware-infected hosts. Most of such malware-infected hosts co...
Today’s evolving networks are experiencing a large number of different attacks ranging from system b...
Campus or enterprise networks often have many unassigned IP addresses that collectively form IP gray...
<p>Internet-based services routinely contend with a range of malicious activity (e.g., spam, scans, ...
Port scan correlation aims to differentiate between benign and malicious scans. In this paper we wil...
This thesis seeks to use knowledge of Internet addressing to improve Internet security. Its goal is ...
Abstract—This paper considers the global IP-usage patterns exhibited by different types of malicious...
In this paper, we present novel and practical techniques to accurately detect IP prefix hijacking at...
After many research efforts, Network Intrusion Detection Systems still have much room for improvemen...
In this dissertation, we evaluate the potential of unsolicited Internet traffic, called Internet Bac...
Abstract—Malware is a major threat to security and privacy of network users. A huge variety of malwa...
One challenge in understanding the evolution of Internet in-frastructure is the lack of systematic m...
It is well known that intrusion detection systems can make smarter decisions if the context of the t...
On the Internet and other IP networks, the Domain Name System (DNS) is used to identify machines. Re...
On the Internet and other IP networks, the Domain Name System (DNS) is used to identify machines. Re...