(Anti)social Behavior in Malicious Internet Source IPs: Characterisation and Detection

If you have a question about this talk, please contact Mustapha Amrani.

Stochastic Processes in Communication Sciences

We consider the problem of monitoring Internet traffic at the IP address level, for the purpose of identifying malicious source IPs. This problem is highly challenging, due to such diverse factors as data volume, limited measurement vantage, sampling effects, and user privacy concerns. Moreover, traffic from the very IP addresses we seek to detect is typically made to blend in with the rest of the (normal) traffic. In this talk, we present work characterising the traffic behavior of IP source addresses from a social network perspective and exploiting our characterisations to build simple but effective detection tools. Specifically, we analyze network flow data, collected on a major Internet backbone network, in combination with log records from Internet security programs, using both local and global network representations and network analysis tools. Our findings are twofold. First, we show that malicious source nodes in IP traffic are distinctive in their communication behavior, in that they interact with other nodes without substantively participating in the natural communities within which the latter exist. Second, we demonstrate that, with appropriate social network analysis tools, this behavior can be exploited in developing detection algorithms. This is joint work with Qi Ding, Natallia Katenka, Paul Barford, and Mark Crovella.

This talk is part of the Isaac Newton Institute Seminar Series.
