TechFairSV

Tracking Internet Hosts Using Unreliable IDs

Download this episode

Download Video

Description

Today's Internet is open and anonymous. While it permits free traffic from any host, attackers that generate malicious traffic typically cannot be held accountable. We will present a system that tracks dynamic bindings between hosts and IP addresses by leveraging application-level data with unreliable IDs. Using a month-long Hotmail user-login trace, we show that this system can attribute most of the activities reliably to the responsible hosts, despite the existence of dynamic IP addresses, proxies, and NATs. With this information, we are able to analyze the host population, to conduct forensic analysis, and to blacklist malicious hosts dynamically.

Embed

Format

Available formats for this video:

Actual format may change based on video formats available and browser capability.

    The Discussion

    Comments closed

    Comments have been closed since this content was published more than 30 days ago, but if you'd like to continue the conversation, please create a new thread in our Forums, or Contact Us and let us know.