EEMCS

Home > Publications
Home University of Twente
Education
Research
Prospective Students
Jobs
Publications
Intranet (internal)
 
 Nederlands
 Contact
 Search
 Organisation

EEMCS EPrints Service


20081 Finding and Analyzing Evil Cities on the Internet
Home Policy Brochure Browse Search User Area Contact Help

van Polen, M. and Moreira Moura, G.C. and Pras, A. (2011) Finding and Analyzing Evil Cities on the Internet. In: Proceedings of the 5th International Conference on Autonomous Infrastructure, Management and Security (AIMS), 13-17 Jun 2011, Nancy, France. pp. 38-48. Springer Verlag. ISBN 978-3-642-21483-7

Full text available as:

PDF

431 Kb
Open Access



Official URL: http://dx.doi.org/10.1007/978-3-642-21484-4_4

Exported to Metis

Abstract

IP Geolocation is used to determine the geographical location of Internet users based on their IP addresses. When it comes to security, most of the traditional geolocation analysis is performed at country level. Since countries usually have many cities/towns of different sizes, it is expected that they behave differently when performing malicious activities. Therefore, in this paper we refine geolocation analysis to the city level. The idea is to find the most dangerous cities on the Internet and observe how they behave. This information can then be used by security analysts to improve their methods and tools. To perform this analysis, we have obtained and evaluated data from a real-world honeypot network of 125 hosts and from production e-mail servers.

Item Type:Conference or Workshop Paper (Full Paper, Talk)
Research Group:EWI-DACS: Design and Analysis of Communication Systems
Research Program:CTIT-DSN: Dependable Systems and Networks
ID Code:20081
Status:Published
Deposited On:19 April 2011
Refereed:Yes
International:Yes
More Information:statisticsmetis

Export this item as:

To correct this item please ask your editor

Repository Staff Only: edit this item