- document
-
Lone, Q.B. (author), Moreira Moura, G.C. (author), Van Eeten, M.J.G. (author)ISPs form a centralized point to control botnet infections. However, they do not have enough incentives to invest in mitigation of botnets. In this paper, we propose an approach based on comparative metrics to incentivize ISPs to mitigate botnets.conference paper 2014
- document
-
Moreira Moura, G.C. (author), Ganan, C.H.G. (author), Lone, Q.B. (author), Poursaied, P. (author), Asghari, H. (author), Van Eeten, M.J.G. (author)IP address counts are typically used as a surrogate metric for the number of hosts in a network, as in the case of ISP rankings based on botnet infected addresses. However, due to effects of dynamic IP address allocation, such counts tend to overestimate the number of hosts, sometimes by an order of magnitude. In the literature, the rate at...conference paper 2015
- document
-
van Eeten, M.J.G. (author), Lone, Q.B. (author), Moura, Giovane C. M. (author), Asghari, H. (author), Korczynski, M.T. (author)This documents presents the final report of a two-year project to evaluate the impact of AbuseHUB, a Dutch clearinghouse for acquiring and processing abuse data on infected machines. The report was commissioned by the Netherlands Ministry of Economic Affairs, a co-funder of the development of AbuseHUB. AbuseHUB is the initiative of 9 Internet...report 2016
- document
-
Lone, Q.B. (author), Luckie, Matthew (author), Korczynski, M.T. (author), van Eeten, M.J.G. (author)Despite source IP address spoofing being a known vulnerability for at least 25 years, and despite many efforts to shed light on the problem, spoofing remains a popular attack method for redirection, amplification, and anonymity. To defeat these attacks requires operators to ensure their networks filter packets with spoofed source IP addresses...conference paper 2017
- document
-
Lone, Q.B. (author), Luckie, Matthew (author), Korczyński, MacIej (author), Asghari, H. (author), Javed, Mobin (author), van Eeten, M.J.G. (author)Internet measurement tools are used to make inferences about network policies and practices across the Internet, such as censorship, traffic manipulation, bandwidth, and security measures. Some tools must be run from vantage points within individual networks, so are dependent on volunteer recruitment. A small pool of volunteers limits the...conference paper 2018
- document
-
Lone, Q.B. (author), Frik, Alisa (author), Luckie, Matthew (author), Korczyński, MacIej (author), van Eeten, M.J.G. (author), Hernandez Ganan, C. (author)IP spoofing, sending IP packets with a false source IP address, continues to be a primary attack vector for large-scale Denial of Service attacks. To combat spoofing, various interventions have been tried to increase the adoption of source address validation (SAV) among network operators. How can SAV deployment be increased? In this work, we...conference paper 2022
- document
-
Lone, Q.B. (author)IP spoofing is the act of forging source IP addresses assigned to a host machine. Spoofing provides users the ability to hide their identity and impersonate another machine. Malicious users use spoofing to invoke a variety of attacks. Examples are Distributed Denial of Service (DDoS) attacks, policy evasion and a range of application-level...doctoral thesis 2022