Author(s): Shobha Venkataraman, David Brumley, Subhabrata Sen, Oliver Spatscheck

Download: Paper (PDF)

Date: 25 Apr 2013

Document Type: Presentations

Additional Documents: Slides

Associated Event: NDSS Symposium 2013


Malicious activity (spam, scans, botnets) arises from virtually anywhere on the Internet and frequently shifts longitudinally over time. We develop the first algorithmic techniques to automatically infer regions of the Internet with shifting security characteristics in an online fashion. Our evaluations on real network data highlight some regions (some small ISPs and hosting providers) are prone to much faster changes than others.