research-article

Free Access

ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes

Authors:
Maria Konte

Georgia Tech, Atlanta, GA, USA

Georgia Tech, Atlanta, GA, USA
View Profile

,
Roberto Perdisci

University of Georgia, Athens, GA, USA

University of Georgia, Athens, GA, USA
View Profile

,
Nick Feamster

Princeton University, Princeton, NJ, USA

Princeton University, Princeton, NJ, USA
View Profile

SIGCOMM '15: Proceedings of the 2015 ACM Conference on Special Interest Group on Data CommunicationAugust 2015Pages 625–638https://doi.org/10.1145/2785956.2787494

Published:17 August 2015Publication History

SIGCOMM '15: Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication

Pages 625–638

Supplemental Material

p625-konte.webm

webm

152.8 MB

Download

References

abuse.ch. And Another Bulletproof Hosting AS Goes Offline, Mar. 2010. http://www.abuse.ch/?p=2496.Google Scholar
abuse.ch. 2011: A Bad Start For Cybercriminals: 14 Rogue ISPs Disconnected. http://www.abuse.ch/?tag=vline-telecom, Jan. 2011.Google Scholar
N. M. Al-Rousan and L. Trajkovic. Machine learning models for classification of BGP anomalies. In High Performance Switching and Routing (HPSR), pages 103--108, 2012.Google ScholarCross Ref
BGP Ranking. http://bgpranking.circl.lu/.Google Scholar
Bgp ranking reports. http://bgpranking.circl.lu/.Google Scholar
L. Breiman. Random Forests. Machine learning, 45(1):5--32, 2001. Google ScholarDigital Library
Bulletproof Hosting. http://en.wikipedia.org/wiki/Bulletproof_hosting. Wikipedia.Google Scholar
K. Chiang and L. Lloyd. A case study of the Rustock rootkit and spam bot. In Workshop on Understanding Botnets, 2007. Google ScholarDigital Library
M. P. Collins, T. J. Shimeall, S. Faber, J. Janies, R. Weaver, M. De Shon, and J. Kadane. Using uncleanliness to predict future botnet addresses. In ACM SIGCOMM Internet Measurement Conference, pages 93--104, 2007. Google ScholarDigital Library
Criminal service providers. http://cyberthreat.wordpress.com/category/criminal-service-providers/.Google Scholar
DShield: Internet Storm Center - Internet Security. www.dshield.org/?Google Scholar
F.Li and M. Hsieh. An empirical study of clustering behavior of spammers and group-based anti-spam strategies. In Conference on Email and Anti-Spam (CEAS), 2006.Google Scholar
Hostexploit. AS50896-PROXIEZ Overview of a crime server, May 2010. http://goo.gl/AYGKAQ.Google Scholar
Hostexploit, June 2011. http://hostexploit.com/.Google Scholar
Hostexploit. World Hosts Report. Technical report, Mar. 2014. http://hostexploit.com/downloads/summary/7-public-reports/52-world-hosts-report-march-2014.html.Google Scholar
Crimeware-firendly ISPs. http://hphosts.blogspot.com/2010/02/crimeware-friendly-isps-cogent-psi.html.Google Scholar
B. Johnson, J. Chuang, J. Grossklags, and N. Christin. Metrics for Measuring ISP Badness: The Case of Spam. In Financial Cryptography and Data Security, pages 89--97. Springer, 2012.Google ScholarCross Ref
A. J. Kalafut, C. A. Shue, and M. Gupta. Malicious Hubs: Detecting Abnormally Malicious Autonomous Systems. In IEEE INFOCOM, pages 1--5. IEEE, 2010. Google ScholarDigital Library
J. Kirk. ISP Cut Off from Internet After Security Concerns. http://www.pcworld.com/article/153734/mccolo_isp_security.html, Nov. 2008. PC World.Google Scholar
M. Konte and N. Feamster. Re-wiring Activity of Malicious Networks. In Passive and Active Measurement, pages 116--125. Springer, 2012. Google ScholarDigital Library
B. Krebs. Russian Business Network: Down, But Not Out. http://goo.gl/6ITJwP, Nov. 2007. Washington Post.Google Scholar
B. Krebs. Host of Internet Spam Groups Is Cut Off. http://goo.gl/8J5P89, Nov. 2008. Washington Post.Google Scholar
B. Krebs. Dozens of ZeuS Botnets Knocked Offline, Mar. 2010. http://krebsonsecurity.com/2010/03/dozens-of-zeus-botnets-knocked-offline/.Google Scholar
J. Li, M. Guidero, Z. Wu, E. Purpus, and T. Ehrenkranz. BGP Routing Dynamics Revisited. ACM SIGCOMM Computer Communication Review, 37(2):5--16, 2007. Google ScholarDigital Library
M. Luckie, B. Huffaker, A. Dhamdhere, V. Giotsas, et al. AS Relationships, Customer Cones, and Validation. In Proceedings of ACM SIGCOMM Internet Measurement Conference, pages 243--256. ACM, 2013. Google ScholarDigital Library
J. Mai, L. Yuan, and C.-N. Chuah. Detecting BGP anomalies with wavelet. In IEEE Network Operations and Management Symposium, pages 465--472. IEEE, 2008.Google ScholarCross Ref
R. McMillan. After Takedown, Botnet-linked ISP Troyak Resurfaces. http://goo.gl/5k0OV1, Mar. 2010. Computer World.Google Scholar
B. A. Prakash, N. Valler, D. Andersen, M. Faloutsos, and C. Faloutsos. BGP-lens: Patterns and Anomalies in Internet Routing Updates. In ACM SIGKDD international conference on Knowledge Discovery and Data Mining, pages 1315--1324, 2009. Google ScholarDigital Library
A. Ramachandran and N. Feamster. Understanding the Network-Level Behavior of Spammers. In ACM SIGCOMM, 2006. Google ScholarDigital Library
A. Ramachandran, N. Feamster, and S. Vempala. Filtering Spam with Behavioral Blacklisting. In ACM Conference on Computer and Communications Security (CCS), 2007. Google ScholarDigital Library
The Russian Business Network. http://en.wikipedia.org/wiki/Russian_Business_Network.Google Scholar
The RouteViews Project. www.routeviews.org/.Google Scholar
F. Roveta, G. Caviglia, L. Di Mario, S. Zanero, F. Maggi, and P. Ciuccarelli. Burn: Baring unknown rogue networks. In International Symposium on Visualization for Cyber Security (VizSec), 2011. Google ScholarDigital Library
Sitevet. http://sitevet.com/.Google Scholar
Spamhaus. www.spamhaus.org.Google Scholar
B. Stone-Gross, C. Kruegel, K. Almeroth, A. Moser, and E. Kirda. FIRE: Finding rogue networks. In IEEE Computer Security Applications Conference (ACSAC), pages 231--240. IEEE, 2009. Google ScholarDigital Library
C. Wagner, J. Francois, R. State, A. Dulaunoy, T. Engel, and G. Massen. ASMATRA: Ranking ASes providing transit ser- vice to malware hosters. In IFIP/IEEE International Sympososium on Integrated Network Management, pages 260--268, 2013.Google Scholar
Y. Xie, F. Yu, K. Achan, R. Panigrahy, and G. Hulten. Spamming Botnets: Signatures and Characteristics. In SIGCOMM, 2008. Google ScholarDigital Library
J. Zhang, Z. Durumeric, M. Bailey, M. Karir, and M. Liu. On the Mismanagement and Maliciousness of Networks. In Proceedings of the 21st Annual Network & Distributed System Security Symposium (NDSS '14), San Diego, California, USA, February 2013.Google Scholar
J. Zhang, J. Rexford, and J. Feigenbaum. Learning-based anomaly detection in BGP updates. In ACM SIGCOMM Workshop on Mining Network Data (MineNet), pages 219--220. ACM, 2005. Google ScholarDigital Library

Index Terms

ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes
1. Networks
  1. Network services
    1. Network monitoring
2. Security and privacy
  1. Network security

Recommendations

CyberBunker 2.0 - A Domain and Traffic Perspective on a Bulletproof Hoster
CCS '21: Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security

In September 2019, 600 armed German cops seized the physical premise of a Bulletproof Hoster (BPH) referred to as CyberBunker 2.0. The hoster resided in a decommissioned NATO bunker and advertised to host everything but child porn and anything related ...
Read More
ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes
SIGCOMM'15
Read More
Factors influencing continuance intention to use social network sites

Factors influencing continuance intention to use Facebook are examined.Satisfaction and perceived usefulness influence continuance intention.Enjoyment and subjective norms influence continuance intention.Habit mediates the relationship between ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
SIGCOMM '15: Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication
August 2015
684 pages
ISBN:9781450335423
DOI:10.1145/2785956
General Chairs:
Steve Uhlig
Queen Mary University of London, UK
,
Olaf Maennel
Tallinn U. of Technology in Estonia, Estonia
,
Program Chairs:
Brad Karp
University College London, UK
,
Jitendra Padhye
Microsoft, USA
ACM SIGCOMM Computer Communication Review Volume 45, Issue 4
SIGCOMM'15
October 2015
659 pages
ISSN:0146-4833
DOI:10.1145/2829988
Editors:
Konstantina Papagiannaki
Telefonica Research, Barcelona, Spain
,
Katerina Argyraki
EPFL, Switzerland
,
Hitesh Ballani
Microsoft Research Cambridge, UK
,
Fabián Bustamante
Northwestern University, USA
,
Joseph Camp
SMU, USA
,
Augustin Chaintreau
Columbia University, USA
,
Phillipa Gill
Stony Brook University, USA
,
Marco Mellia
Politecnico di Torino, Italy
,
Bhaskaran Raman
IIT Bombay, India
,
Joel Sommers
Colgate University, USA
,
Aline Carneiro Viana
INRIA, France
Issue’s Table of Contents
Copyright © 2015 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 17 August 2015
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
AS reputation
bulletproof hosting
malicious networks
Qualifiers
- research-article
Conference

Acceptance Rates
SIGCOMM '15 Paper Acceptance Rate40of242submissions,17%Overall Acceptance Rate554of3,547submissions,16%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 35
  Total Citations
  View Citations
- 995
  Total Downloads
- Downloads (Last 12 months)161
- Downloads (Last 6 weeks)27
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes

SIGCOMM '15: Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication

Supplemental Material

References

Cited By

Index Terms

Recommendations

CyberBunker 2.0 - A Domain and Traffic Perspective on a Bulletproof Hoster

ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes

Factors influencing continuance intention to use social network sites

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Funding Sources

Other Metrics

Article Metrics

Other Metrics

Cited By

PDF Format

eReader

Digital Edition

Caption

ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes

SIGCOMM '15: Proceedings of the 2015 ACM Conference on Special Interest Group on Data Communication

Supplemental Material

References

Cited By

Index Terms

Recommendations

CyberBunker 2.0 - A Domain and Traffic Perspective on a Bulletproof Hoster

ASwatch: An AS Reputation System to Expose Bulletproof Hosting ASes

Factors influencing continuance intention to use social network sites

Comments

Login options

Full Access

Published in

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Funding Sources

Article Metrics

Other Metrics

PDF Format

eReader

Digital Edition

Share this Publication link

Share on Social Media