Title
An assessment of overt malicious activity manifest in residential networks
Abstract
While conventional wisdom holds that residential users experience a high degree of compromise and infection, this presumption has seen little validation in the way of an in-depth study. In this paper we present a first step towards an assessment based on monitoring network activity (anonymized for user privacy) of 20,000 residential DSL customers in a European urban area, roughly 1,000 users of a community network in rural India, and several thousand dormitory users at a large US university. Our study focuses on security issues that overtly manifest in such data sets, such as scanning, spamming, payload signatures, and contact to botnet rendezvous points. We analyze the relationship between overt manifestations of such activity versus the "security hygiene" of the user populations (anti-virus and OS software updates) and potential risky behavior (accessing blacklisted URLs). We find that hygiene has little correlation with observed behavior, but risky behavior--which is quite prevalent--more than doubles the likelihood that a system will manifest security issues.
Year
2011
DOI
10.1007/978-3-642-22424-9_9
Venue
DIMVA
Keywords
residential network, in-depth study, risky behavior, residential dsl customer, network activity, potential risky behavior, overt malicious activity, community network, security issue, manifest security issue, security hygiene, observed behavior, computer network security, consumers, computer security
Field
Internet privacy, Community network, Computer science, Computer security, Botnet, Network security, Presumption, Conventional wisdom, Compromise, Payload, Spamming
DocType
Conference
Volume
6739
ISSN
0302-9743
Citations
8
PageRank
0.60
References
13
Authors
5
Name
Order
Citations
PageRank
Gregor Maier146234.16
Anja Feldmann24935596.02
Vern Paxson3140312130.20
Robin Sommer4142878.48
Matthias Vallentin516310.07