Skip to Content
[CAIDA - Cooperative Association for Internet Data Analysis logo]
The Cooperative Association for Internet Data Analysis > publications : papers : 2012 : analysis_internetwide_probing_darknets
Analysis of Internet-wide Probing using Darknets
A. Dainotti, A. King, and K. Claffy, "Analysis of Internet-wide Probing using Darknets'', in Building Analysis Datasets and Gathering Experience Returns for Security (BADGERS), Oct 2012.
|  View full paper:    PDF    |  View citation:    BibTeX  |

Analysis of Internet-wide Probing using Darknets

Alberto Dainotti
Alistair King
Kimberly Claffy

Cooperative Association for Internet Data Analysis - CAIDA,
San Diego Supercomputer Center,
University of California, San Diego

Recent analysis of traffic reaching the UCSD Network Telescope (a /8 darknet) revealed a sophisticated botnet scanning event that covertly scanned the entire IPv4 space in about 12 days. We only serendipitously discovered this event while studying a completely unrelated behavior (censorship episode in Egypt in February 2011), but we carefully studied the scan, including validating and crosscorrelating our observations with other large data set shared by others. We would like to extend these strategies to detect other large-scale malicious events. We suspect the fight against malware will benefit greatly (and perhaps require) collaborative sharing of diverse large-scale security-related data sets. We hope to discuss both the technical and the data-sharing policy aspects of this challenge at the workshop.

  Last Modified: Tue Mar-4-2014 14:58:11 PST
  Page URL: