(2017) Who Controls the Internet? Analyzing Global Threats using Property Graph Traversals.
|
Text
gthreats_www2017.pdf Download (437kB) | Preview |
Abstract
The Internet is built on top of intertwined network services, e.g., email, DNS, and content distribution networks operated by private or governmental organizations. Recent events have shown that these organizations may, knowingly or unknowingly, be part of global-scale security incidents including state-sponsored mass surveillance programs and large-scale DDoS attacks. For example, in March 2015 the Great Cannon attack has shown that an Internet service provider can weaponize millions of Web browsers and turn them into DDoS bots by injecting malicious JavaScript code into transiting TCP connections. While attack techniques and root cause vulnerabilities are routinely studied, we still lack models and algorithms to study the intricate dependencies between services and providers, reason on their abuse, and assess the attack impact. To close this gap, we present a technique that models services, providers, and dependencies as a property graph. Moreover, we present a taint-style propagation-based technique to query the model, and present an evaluation of our framework on the top 100k Alexa domains.
Item Type: | Conference or Workshop Item (A Paper) (Paper) |
---|---|
Additional Information: | pub_id: 1147 Bibtex: SiPeRoBa_17:www URL date: None |
Uncontrolled Keywords: | Internet property graph,large-scale attacks,threat analysis |
Divisions: | Michael Backes (InfSec) Christian Rossow (System Security Group, SysSec) |
Conference: | WWW The Web Conference (Formerly: International World Wide Web Conference) |
Depositing User: | Sebastian Weisgerber |
Date Deposited: | 26 Jul 2017 10:33 |
Last Modified: | 18 Jul 2019 12:10 |
Primary Research Area: | NRA3: Threat Detection and Defenses |
URI: | https://publications.cispa.saarland/id/eprint/1091 |
Actions
Actions (login required)
View Item |