Automatically Inferring the Evolution of Malicious Activity on the Internet
Download: Paper (PDF)
Date: 25 Apr 2013
Document Type: Presentations
Additional Documents: Slides
Associated Event: NDSS Symposium 2013
Malicious activity (spam, scans, botnets) arises from virtually anywhere on the Internet and frequently shifts longitudinally over time. We develop the first algorithmic techniques to automatically infer regions of the Internet with shifting security characteristics in an online fashion. Our evaluations on real network data highlight some regions (some small ISPs and hosting providers) are prone to much faster changes than others.