Title :
Malicious Hubs: Detecting Abnormally Malicious Autonomous Systems
Author :
Kalafut, Andrew J. ; Shue, Craig A. ; Gupta, Minaxi
Author_Institution :
Sch. of Inf. & Comput., Indiana Univ. at Bloomington, Bloomington, IN, USA
Abstract :
While many attacks are distributed across botnets, investigators and network operators have recently targeted malicious networks through high profile autonomous system (AS) de-peerings and network shut-downs. In this paper, we explore whether some ASes indeed are safe havens for malicious activity. We look for ISPs and ASes that exhibit disproportionately high malicious behavior using 12 popular blacklists. We find that some ASes have over 80% of their routable IP address space blacklisted and others account for large fractions of blacklisted IPs. Overall, we conclude that examining malicious activity at the AS granularity can unearth networks with lax security or those that harbor cybercrime.
Keywords :
Internet; security of data; telecommunication network routing; ASes; ISP; abnormally malicious autonomous systems; de-peerings; harbor cybercrime; high profile autonomous system; malicious hubs; network shut-downs; routable IP address; security; targeted malicious networks; Communications Society; Computer crime; Computer networks; Computer security; Distributed computing; Informatics; Internet; Peer to peer computing; Telecommunication traffic; US Government;
Conference_Titel :
INFOCOM, 2010 Proceedings IEEE
Conference_Location :
San Diego, CA
Print_ISBN :
978-1-4244-5836-3
DOI :
10.1109/INFCOM.2010.5462220
