Detecting Black IP Using for Classification and Analysis Through Source IP of Daily Darknet Traffic
Recently, the community has come to recognize the importance of network vulnerabilities. By exploiting these vulnerabilities, attackers can acquire the information of vulnerable users. Therefore, many researchers have been studying countermeasures to network vulnerabilities. Recently, the darknet has received attention in research on detecting the actions of attackers. A darknet is a set of unused IP addresses to which no real systems are connected. In this paper, we propose using a darknet to detect black IPs. To do so, we classify and analyze daily darknet traffic by source IP. The proposed method prepared 8,192 destination IP addresses in darknet space and collected the darknet traffic for 1 month. It collected a total of 277,002,257 in August 2016. The results of applying the proposed process showed its effectiveness for pre-detection of real attacks.
Keywords: Darknet, Network vulnerability, Detection of black IP