'Bad neighbourhoods' on the internet are a real nuisance

Mar 08, 2013

Of the 42,000 Internet Service Providers (ISPs) surveyed, just 20 were found to be responsible for nearly half of all the internet addresses that send spam. That just is one of the striking results of an extensive study by the University of Twente's Centre for Telematics and Information Technology (CTIT). This study focused on "Bad Neighbourhoods" on the internet (which sometimes correspond to certain geographical areas) that are the source of a great deal of spam, phishing or other undesirable activity. In his thesis, Giovane Moura describes this situation in detail.

Just like in the real world, the internet has also "bad neighbourhoods" whose streets are not safe and where are higher than in other districts. Research into these "Bad on the Internet" can lead to better security solutions. To this end, Moura has carried out the first systematic investigation of malicious hosts, by monitoring and analysing network data. His main conclusion is that is indeed concentrated in limited zones: areas in which the IP addresses show strong similarities, per ISP, or even per country. For instance, this PhD researcher found that 62% of the addresses at one ISP were related to spam. This knowledge can be used to link to specific ISPs.

Geographically determined

It is also interesting to note that different types of activities are associated with different parts of the world. For instance, spam comes mainly from southern Asian countries, while phishing occurs primarily in the United States and other developed countries. The reason for the latter is that these countries are home to most data centres and cloud computing providers. It is also important to distinguish between individual IP addresses that launch one-off attacks and a whole Bad Neighbourhood that almost always launches repeated attacks. This information, too, is very useful in terms of establishing a security strategy. The history of a Bad Neighbourhood, as identified by this PhD researcher, can be of value here.

Giovane César Moreira Moura (from Goiânia, Brazil) carried out his PhD research in the Design and Analysis of Communication Systems department, which is part of the University of Twente's Centre for Telematics and Information Technology (CTIT). His thesis supervisor was Prof. Boudewijn Haverkort and his assistant thesis supervisor was Dr Aiko Pras.

Explore further: Digital dilemma: How will US respond to Sony hack?

More information: Giovane César Moreira Moura (from Goiânia, Brazil) carried out his PhD research in the Design and Analysis of Communication Systems department, which is part of the University of Twente's Centre for Telematics and Information Technology (CTIT). His thesis supervisor was Prof. Boudewijn Haverkort and his assistant thesis supervisor was Dr Aiko Pras.

add to favorites email to friend print save as pdf

Related Stories

IronPort Revamps Security Monitoring Site

May 22, 2007

IronPort Systems has revised its Internet traffic monitoring Web site, a resource for IT staffers searching for a real-time view into security threats.

Measuring 'the Cloud': Performance could be better

Nov 19, 2012

(Phys.org)—Storing information "in the Cloud" is rapidly gaining in popularity. Yet just how do these services really work? Researchers from the University of Twente's Centre for Telematics and Information Technology (CTIT) ...

Recommended for you

Digital dilemma: How will US respond to Sony hack?

Dec 18, 2014

The detective work blaming North Korea for the Sony hacker break-in appears so far to be largely circumstantial, The Associated Press has learned. The dramatic conclusion of a Korean role is based on subtle ...

UN General Assembly OKs digital privacy resolution

Dec 18, 2014

The U.N. General Assembly has approved a resolution demanding better digital privacy protections for people around the world, another response to Edward Snowden's revelations about U.S. government spying.

Online privacy to remain thorny issue: survey

Dec 18, 2014

Online privacy will remain a thorny issue over the next decade, without a widely accepted system that balances user rights and personal data collection, a survey of experts showed Thursday.

Spain: Google News vanishes amid 'Google Tax' spat

Dec 16, 2014

Google on Tuesday followed through with a pledge to shut down Google News in Spain in reaction to a Spanish law requiring news publishers to receive payment for content even if they are willing to give it away.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.