Visualizing Cyber Attacks using IP Matrix
VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
An Email Geographic Path-Based Technique for Spam Filtering
CIS '07 Proceedings of the 2007 International Conference on Computational Intelligence and Security
Internet geolocation: Evasion and counterevasion
ACM Computing Surveys (CSUR)
Filtering spam from bad neighborhoods
International Journal of Network Management
Internet bad neighborhoods: the spam case
Proceedings of the 7th International Conference on Network and Services Management
Hi-index | 0.00 |
IP Geolocation is used to determine the geographical location of Internet users based on their IP addresses. When it comes to security, most of the traditional geolocation analysis is performed at country level. Since countries usually have many cities/towns of different sizes, it is expected that they behave differently when performing malicious activities. Therefore, in this paper we refine geolocation analysis to the city level. The idea is to find the most dangerous cities on the Internet and observe how they behave. This information can then be used by security analysts to improve their methods and tools. To perform this analysis, we have obtained and evaluated data from a real-world honeypot network of 125 hosts and from production e-mail servers.