Presentation | 2020-03-06 Analyzing Effectiveness of Blacklisting Policy Focusing on ON/OFF Pattern of Scan Activities Takashi Fujita, Naoki Fukushi, Masato Uchida, |
---|---|
PDF Download Page | PDF download Page Link |
Abstract(in Japanese) | (See Japanese page) |
Abstract(in English) | A blacklist registers IP addresses and domain names found to be involved in malicious activity. Blacklist providers set a period for registering IP addresses and domain names in their blacklist after the final observation of the attack following their blacklisting policy. In contrast, scanning activities observed by blacklist providers are diversifying. Thus, the existing blacklisting policy determined uniformly for each blacklist may be insufficient to protect users. In this study, we verified the validity of the existing blacklisting policy by analyzing the diversity of blacklisted IP addresses that perform scanning activities, focusing on their ON/OFF patterns. A measurement using the darknet with /8 network and four types of blacklists revealed that scanning activities had a high diversity in terms of the attack duration and that it was difficult for blacklist providers to observe this diversity. |
Keyword(in Japanese) | (See Japanese page) |
Keyword(in English) | Blacklist / Scan / Darknet |
Paper # | CQ2019-151 |
Date of Issue | 2020-02-27 (CQ) |
Conference Information | |
Committee | IE / IMQ / MVE / CQ |
---|---|
Conference Date | 2020/3/5(2days) |
Place (in Japanese) | (See Japanese page) |
Place (in English) | Kyushu Institute of Technology |
Topics (in Japanese) | (See Japanese page) |
Topics (in English) | |
Chair | Hideaki Kimata(NTT) / Toshiya Nakaguchi(Chiba Univ.) / Kenji Mase(Nagoya Univ.) / Hideyuki Shimonishi(NEC) |
Vice Chair | Kazuya Kodama(NII) / Keita Takahashi(Nagoya Univ.) / Mitsuru Maeda(Canon) / Kenya Uomori(Osaka Univ.) / Masayuki Ihara(NTT) / Jun Okamoto(NTT) / Takefumi Hiraguri(Nippon Inst. of Tech.) |
Secretary | Kazuya Kodama(NTT) / Keita Takahashi(NHK) / Mitsuru Maeda(Shizuoka Univ.) / Kenya Uomori(Sony Semiconductor Solutions) / Masayuki Ihara(Nagoya Univ.) / Jun Okamoto(NTT) / Takefumi Hiraguri(Nippon Inst. of Tech.) |
Assistant | Kyohei Unno(KDDI Research) / Norishige Fukushima(Nagoya Inst. of Tech.) / Hiroaki Kudo(Nagoya Univ.) / Masaru Tsuchida(NTT) / Keita Hirai(Chiba Univ.) / Satoshi Nishiguchi(Oosaka Inst. of Tech.) / Masanori Yokoyama(NTT) / Shogo Fukushima(Univ. of ToKyo) / Chikara Sasaki(KDDI Research) / Yoshiaki Nishikawa(NEC) / Takuto Kimura(NTT) |
Paper Information | |
Registration To | Technical Committee on Image Engineering / Technical Committee on Image Media Quality / Technical Committee on Media Experience and Virtual Environment / Technical Committee on Communication Quality |
---|---|
Language | JPN |
Title (in Japanese) | (See Japanese page) |
Sub Title (in Japanese) | (See Japanese page) |
Title (in English) | Analyzing Effectiveness of Blacklisting Policy Focusing on ON/OFF Pattern of Scan Activities |
Sub Title (in English) | |
Keyword(1) | Blacklist |
Keyword(2) | Scan |
Keyword(3) | Darknet |
1st Author's Name | Takashi Fujita |
1st Author's Affiliation | Waseda University(Waseda Univ.) |
2nd Author's Name | Naoki Fukushi |
2nd Author's Affiliation | Waseda University(Waseda Univ.) |
3rd Author's Name | Masato Uchida |
3rd Author's Affiliation | Waseda University(Waseda Univ.) |
Date | 2020-03-06 |
Paper # | CQ2019-151 |
Volume (vol) | vol.119 |
Number (no) | CQ-455 |
Page | pp.pp.87-92(CQ), |
#Pages | 6 |
Date of Issue | 2020-02-27 (CQ) |