Accession Number : ADA583956


Title :   An Assessment of Overt Malicious Activity Manifest in Residential Networks


Descriptive Note : Conference paper


Corporate Author : CALIFORNIA UNIV REGENTS SANTA BARBARA OFFICE OF RESEARCH


Personal Author(s) : Maier, Gregor ; Feldmann, Anja ; Paxson, Vern ; Sommer, Robin ; Vallentin, Matthias


Full Text : http://www.dtic.mil/get-tr-doc/pdf?AD=ADA583956


Report Date : 07 Jul 2011


Pagination or Media Count : 23


Abstract : While conventional wisdom holds that residential users experience a high degree of compromise and infection, this presumption has seen little validation in the way of an in-depth study. In this paper we present a first step towards an assessment based on monitoring network activity (anonymized for user privacy) of 20,000 residential DSL customers in a European urban area, roughly 1,000 users of a community network in rural India, and several thousand dormitory users at a large US university. Our study focuses on security issues that overtly manifest in such data sets, such as scanning, spamming, payload signatures, and contact to botnet rendezvous points. We analyze the relationship between overt manifestations of such activity versus the security hygiene of the user populations (anti-virus and OS software updates) and potential risky behavior (accessing blacklisted URLs). We find that hygiene has little correlation with observed behavior, but risky behavior--which is quite prevalent--more than doubles the likelihood that a system will manifest security issues.


Descriptors :   *COMPUTER NETWORK SECURITY , ANTIVIRUS SOFTWARE , COMPUTER SECURITY , CONSUMERS


Subject Categories : Computer Systems Management and Standards


Distribution Statement : APPROVED FOR PUBLIC RELEASE