Who Controls the Internet? Analyzing Global Threats using Property Graph Traversals

Simeonovski, Milivoj and Pellegrino, Giancarlo and Rossow, Christian and Backes, Michael
(2017) Who Controls the Internet? Analyzing Global Threats using Property Graph Traversals.
In: Proc. of the 26rd International Conference on World Wide Web (WWW 2017).
Conference: WWW The Web Conference (Formerly: International World Wide Web Conference)

[img]
Preview
Text
gthreats_www2017.pdf

Download (437kB) | Preview

Abstract

The Internet is built on top of intertwined network services, e.g., email, DNS, and content distribution networks operated by private or governmental organizations. Recent events have shown that these organizations may, knowingly or unknowingly, be part of global-scale security incidents including state-sponsored mass surveillance programs and large-scale DDoS attacks. For example, in March 2015 the Great Cannon attack has shown that an Internet service provider can weaponize millions of Web browsers and turn them into DDoS bots by injecting malicious JavaScript code into transiting TCP connections. While attack techniques and root cause vulnerabilities are routinely studied, we still lack models and algorithms to study the intricate dependencies between services and providers, reason on their abuse, and assess the attack impact. To close this gap, we present a technique that models services, providers, and dependencies as a property graph. Moreover, we present a taint-style propagation-based technique to query the model, and present an evaluation of our framework on the top 100k Alexa domains.

Actions

Actions (login required)

View Item View Item