Detecting Dynamic IP Addresses Using the Sequential Characteristics of PTR Records
Ramakrishna Padmanabhan, Amogh Dhamdhere, Emile Aben, kc claffy, and Neil Spring. Reasons dynamic addresses change. In Phillipa Gill, John S. Heidemann, John W. Byers, and Ramesh Govindan, editors, Proceedings of the 2016 ACM on Internet Measurement Conference, IMC 2016, Santa Monica, CA, USA, November 14-16, 2016, pp. 183– 198. ACM, 2016.
SPAMHAUS. The spamhaus project ltd., the spamhaus project. https://www.spamhaus.org/.
SPAMHAUS. The spamhaus project ltd., compoist blocking list. http://www.abuseat.org/.
SORBS. Spam and open relay blocking system (sorbs). http://www.sorbs.net/.
Yinglian Xie, Fang Yu, Kannan Achan, Eliot Gillum, Mois´es Goldszmidt, and Ted Wobber. How dynamic are IP addresses? In Jun Murai and Kenjiro Cho, editors, Proceedings of the ACM SIGCOMM 2007 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, Kyoto, Japan, August 27-31, 2007, pp. 301–312. ACM, 2007.
Philipp Richter, Georgios Smaragdakis, David Plonka, and Arthur W. Berger. Beyond counting: New perspectives on the active ipv4 address space. In Phillipa Gill, John S. Heidemann, John W. Byers, and Ramesh Govindan, editors, Proceedings of the 2016 ACM on Internet Measurement Conference, IMC 2016, Santa Monica, CA, USA, November 14-16, 2016, pp. 135–149. ACM, 2016.
Yu Jin, Esam Sharafuddin, and Zhi-Li Zhang. Identifying dynamic IP address blocks serendipitously through background scanning traffic. In Jim Kurose and Henning Schulzrinne, editors, Proceedings of the 2007 ACM Conference on Emerging Network Experiment and Technology, CoNEXT 2007, New York, NY, USA, December 10-13, 2007, p. 4. ACM, 2007.
Xue Cai and John S. Heidemann. Understanding block-level address usage in the visible internet. In Shivkumar Kalyanaraman, Venkata N. Padmanabhan, K. K. Ramakrishnan, Rajeev Shorey, and Geoffrey M. Voelker, editors, Proceedings of the ACM SIGCOMM 2010 Conference on Applications, Technologies, Architectures, and Protocols for Computer Communications, New Delhi, India, August 30 -September 3, 2010, pp. 99–110. ACM, 2010.
Akamai. Attack spotlight: An internet of things botnet. https://www.akamai.com/us/en/multimedia/documents/state-of
Antonakakis Manos, April Tim, Bailey Michael, Bernhard Matt, Bursztein Elie, Cochran Jaime, Durumeric Zakir, Halderman J. Alex, Invernizzi Luca, Kallitsis Michalis, Kumar Deepak, Lever Chaz, Ma Zane, Mason Joshua, Menscher Damian, Seaman Chad, Sullivan Nick, Thomas Kurt, and Zhou Yi. Understanding the mirai botnet. In Kirda Engin and Ristenpart Thomas, editors, 26th USENIX Security
Symposium, USENIX Security 2017, Vancouver, BC, Canada, August 16-18, 2017., pp. 1093–1110. USENIX Association, 2017.
MAX MIND. Geolite legacy downloadable databases. https://dev.maxmind.com/geoip/legacy/geolite/.
Daiki Chiba, Mitsuaki Akiyama, Takeshi Yagi, Kunio Hato, Tatsuya Mori, and Shigeki Goto. Domainchroma: Building actionable threat intelligence from malicious domain names. Computers & Security, Vol. 77, pp. 138 – 161, 2018.
Mozilla Foundation. Public suffix list. https://publicsuffix.org/.
Harvard University. Jaro-winkler distance. https://scholar.harvard.edu/jfeigenbaum/software/jaro-winkler-distance.
Matthew A. Jaro. Advances in record-linkage methodology as applied to matching the 1985 census of tampa, florida. Journal of the American Statistical Association, Vol. 84, No. 406, pp. 414–420, 1989.
Matthew A. Jaro. Probabilistic linkage of large public health data files. Statistics in Medicine, Vol. 14, No. 5–7, pp. 491–498.
William E. Winkler. String comparator metrics and enhanced decision rules in the fellegi-sunter model of record linkage. In Proceedings of the Section on Survey Research, pp. 354–359, 1990.
William E. Winkler. Overview of record linkage and current research directions. Technical report, February 2006.
Ryan Grove. RawGit. https://rawgit.com/ztane/python-Levenshtein/master/docs/Levenshtein.html.
Rapid7. Reverse dns (rdns). https://opendata.rapid7.com/sonar.rdnsn_v2/.
Hideo Asami. Study report of an anti-spam system with a
% block rate. http://www.gabacho-net.jp/en/anti-spam/anti-spam-system.html.
- There are currently no refbacks.