direkt zum Inhalt springen

direkt zum Hauptnavigationsmenü

Sie sind hier

TU Berlin

Page Content

Robin Sommer's Publications

An Assessment of Overt Malicious Activity Manifest in Residential Networks
Citation key MFPSV-AAOOMAMIRN-11
Author Maier, Gregor and Feldmann, Anja and Paxson, Vern and Sommer, Robin and Vallentin, Matthias
Title of Book Proceedings of the eighth Conference on Detection of Intrusions and Malware and Vulnerability Assessment (DIMVA '11)
Pages 144–163
Year 2011
ISBN 978-3-642-22423-2
ISSN 0302-9743
Online ISSN 1611-3349
DOI http://dx.doi.org/10.1007/978-3-642-22424-9_9
Location Amsterdam, Netherlands
Address Berlin / Heidelberg, Germany
Volume 6739
Month July
Publisher Springer
Series Lecture Notes in Computer Science (LNCS)
Organization IEEE
Abstract While conventional wisdom holds that residential users experience a high degree of compromise and infection, this presumption has seen little validation in the way of an in-depth study. In this paper we present a first step towards an assessment based on monitoring network activity (anonymized for user privacy) of 20,000 residential DSL customers in a European urban area, roughly 1,000 users of a community network in rural India, and several thousand dormitory users at a large US university. Our study focuses on security issues that overtly manifest in such data sets, such as scanning, spamming, payload signatures, and contact to botnet rendezvous points. We analyze the relationship between overt manifestations of such activity versus the ''security hygiene'' of the user populations (anti-virus and OS software updates) and potential risky behavior (accessing blacklisted URLs). We find that hygiene has little correlation with observed behavior, but risky behavior–which is quite prevalent–more than doubles the likelihood that a system will manifest security issues.
Link to publication Download Bibtex entry

Zusatzinformationen / Extras

Quick Access:

Schnellnavigation zur Seite über Nummerneingabe