Skip to Content
[CAIDA - Center for Applied Internet Data Analysis logo]
Center for Applied Internet Data Analysis
www.caida.org > publications : papers : 2012 : analysis_internetwide_probing_darknets
Analysis of Internet-wide Probing using Darknets
A. Dainotti, A. King, and K. Claffy, "Analysis of Internet-wide Probing using Darknets", in Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS), Oct 2012.
|  View full paper:    PDF    |  View citation:    BibTeX  |

Analysis of Internet-wide Probing using Darknets

Alberto Dainotti
Alistair King
Kimberly Claffy

CAIDA,San Diego Supercomputer Center,University of California, San Diego

Recent analysis of traffic reaching the UCSD Network Telescope (a /8 darknet) revealed a sophisticated botnet scanning event that covertly scanned the entire IPv4 space in about 12 days. We only serendipitously discovered this event while studying a completely unrelated behavior (censorship episode in Egypt in February 2011), but we carefully studied the scan, including validating and crosscorrelating our observations with other large data set shared by others. We would like to extend these strategies to detect other large-scale malicious events. We suspect the fight against malware will benefit greatly (and perhaps require) collaborative sharing of diverse large-scale security-related data sets. We hope to discuss both the technical and the data-sharing policy aspects of this challenge at the workshop.

Keywords: measurement methodology, security
  Last Modified: Tue Dec-16-2014 16:20:59 PST
  Page URL: http://www.caida.org/publications/papers/2012/analysis_internetwide_probing_darknets/index.xml