Skip to main content
SpringerLink
Log in
Book cover

International Workshop on Traffic Monitoring and Analysis

TMA 2011: Traffic Monitoring and Analysis pp 193–196Cite as

Dynamic Monitoring of Dark IP Address Space (Poster)

  • Conference paper

  • 952 Accesses

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 6613))

Abstract

number of security-related research topics are based on the monitoring of dark IP address space. Unfortunately there is large administrative overhead associated with the dynamic assignment of a specific subnet for monitoring purposes, such as the deployment of a honeypot farm or a distributed intrusion detection system. In this paper, we propose a system that enables the dynamic allocation of an unadvertised IP address subnet for use by a monitoring sensor. The system dynamically selects network subnets that have been allocated to the organization but are not being advertised, advertises them, and subsequently forwards all received traffic destined to the selected subnet to a monitoring sensor.

This work was supported in part by the project SysSec funded in part by the European Commission, under Grant Agreement Number 257007.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Deri, L.: High-speed dynamic packet filtering. Journal of Network and Systems Management 15(3), 401–415 (2007)

    Article  Google Scholar 

  2. Jiang, X., Xu, D.: Collapsar: A VM-Based Architecture for Network Attack Detention Center. In: Proceedings of the 13th USENIX Security Sumposium (2004)

    Google Scholar 

  3. Di Pietro, A., Huici, F., Costantini, D., Niccolini, S.: Decon: Decentralized coordination for large-scale flow monitoring. In: IEEE Conference on Computer Communications, INFOCOM (2010)

    Google Scholar 

  4. Anagnostakis, K., Antonatos, S., Markatos, E.P.: Honey@home: A new approach to large-scale threat monitoring. In: The Proceedings of the 5th ACM Workshop on Recurring Malcode, WORM (2007)

    Google Scholar 

  5. Trimintzios, P., Polychronakis, M., Papadogiannakis, A., Foukarakis, M., Markatos, E., Øslebø, A.: DiMAPI: An application programming interface for distributed network monitoring. In: Proceedings of the 10th IEEE/IFIP Network Operations and Management Symposium, NOMS (2006)

    Google Scholar 

  6. Wu, Z., Xie, M., Wang, H.: Swift: a fast dynamic packet filter. In: Proceedings of the 5th USENIX Symposium on Networked Systems Design and Implementation, NSDI 2008 (2008)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Computer Science, Foundation for Research and Technology, Hellas, Greece

    Iasonas Polakis, Georgios Kontaxis, Sotiris Ioannidis & Evangelos P. Markatos

Authors
  1. Iasonas Polakis
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Georgios Kontaxis
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Sotiris Ioannidis
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Evangelos P. Markatos
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Universitat Politècnica de Catalunya (UPC) - Barcelona TECH, Campus Nord, Mòdul D6, Jordi Girona 1-3, 08034, Barcelona, Spain

    Jordi Domingo-Pascual

  2. The Iby and Aladar Fleischman Faculty of Engineering, School of Electrical Engineering, Tel Aviv University, Wolfson Building for Software Engineering, 69978, Ramat Aviv, Israel

    Yuval Shavitt

  3. An-Institut Deutsche Telekom Laboratories, FG INET, Research Group Anja Feldmann, Technische Universität Berlin, Sekr. TEL 16, Ernst-Reuter-Platz 7, 10587, Berlin, Germany

    Steve Uhlig

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Polakis, I., Kontaxis, G., Ioannidis, S., Markatos, E.P. (2011). Dynamic Monitoring of Dark IP Address Space (Poster). In: Domingo-Pascual, J., Shavitt, Y., Uhlig, S. (eds) Traffic Monitoring and Analysis. TMA 2011. Lecture Notes in Computer Science, vol 6613. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-20305-3_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-20305-3_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-20304-6

  • Online ISBN: 978-3-642-20305-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation