Cleaning your house first: shifting the paradigm on how to secure networks

Authors:
Jérôme François;Giovane C. M. Moura;Aiko Pras
Affiliations:
University of Luxembourg, Interdisciplinary Centre for Security, Reliability and Trust,;Centre for Telematics and Information Technology, Faculty of Electrical Engineering, Mathematics and Computer Science, Design and Analysis of Communications Systems, Enschede, The Netherlands;Centre for Telematics and Information Technology, Faculty of Electrical Engineering, Mathematics and Computer Science, Design and Analysis of Communications Systems, Enschede, The Netherlands
Venue:
AIMS'11 Proceedings of the 5th international conference on Autonomous infrastructure, management, and security: managing the dynamics of networks and services
Year:
2011

Citing 15
Cited 1

A multifaceted approach to understanding the botnet phenomenon

Proceedings of the 6th ACM SIGCOMM conference on Internet measurement
Grid-Clustering: An Efficient Hierarchical Clustering Method for Very Large Data Sets

ICPR '96 Proceedings of the 13th International Conference on Pattern Recognition - Volume 2
Wide-scale botnet detection and characterization

HotBots'07 Proceedings of the first conference on First Workshop on Hot Topics in Understanding Botnets
BotHunter: detecting malware infection through IDS-driven dialog correlation

SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Measurements and mitigation of peer-to-peer-based botnets: a case study on storm worm

LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
Spamming botnets: signatures and characteristics

Proceedings of the ACM SIGCOMM 2008 conference on Data communication
BotMiner: clustering analysis of network traffic for protocol- and structure-independent botnet detection

SS'08 Proceedings of the 17th conference on Security symposium
Studying spamming botnets using Botlab

NSDI'09 Proceedings of the 6th USENIX symposium on Networked systems design and implementation
Detecting Spam at the Network Level

EUNICE '09 Proceedings of the 15th Open European Summer School and IFIP TC6.6 Workshop on The Internet of the Future
Automated Behavioral Fingerprinting

RAID '09 Proceedings of the 12th International Symposium on Recent Advances in Intrusion Detection
A Labeled Data Set for Flow-Based Intrusion Detection

IPOM '09 Proceedings of the 9th IEEE International Workshop on IP Operations and Management
Honeypot detection in advanced botnet attacks

International Journal of Information and Computer Security
Fighting spam on the sender side: a lightweight approach

EUNICE'10 Proceedings of the 16th EUNICE/IFIP WG 6.6 conference on Networked services and applications: engineering, control and management
BotTrack: tracking botnets using NetFlow and PageRank

NETWORKING'11 Proceedings of the 10th international IFIP TC 6 conference on Networking - Volume Part I
An Overview of IP Flow-Based Intrusion Detection

IEEE Communications Surveys & Tutorials

Internet bad neighborhoods: the spam case

Proceedings of the 7th International Conference on Network and Services Management

Quantified Score

Hi-index	0.00

Visualization

Abstract

The standard paradigm when securing networks is to filter ingress traffic to the domain to be protected. Even though many tools and techniques have been developed and employed over the recent years for this purpose, we are still far from having secure networks. In this work, we propose a paradigm shift on the way we secure networks, by investigating whether it would not be efficient to filter egress traffic as well. The main benefit of this approach is the possibility to mitigate malicious activities before they reach the Internet. To evaluate our proposal, we have developed a prototype and conducted experiments using NetFlow data from the University of Twente.