Verification of the Effectiveness to Monitor Darknet across Multiple Organizations

Katsuya Nishijima, Takao Kondo, Tatsumi Hosokawa, Tomohiro Shigemoto, Nobutaka Kawaguchi, Hiroyuki Hasegawa, Hideyuki Honda, Yasuhito Suzuki, Tadashi Kaji, Osamu Nakamura

研究成果: Conference contribution

抄録

Researchers and network operators regularly monitor unused Internet address space called the darknet to understand malicious activities on the Internet such as malware infections, DDoS, and scanning to find vulnerable systems. The purpose of this study is to demonstrate the effectiveness of darknet monitoring across multiple organizations by conducting a detailed similarity analysis. In this paper, we analyze darknet data observed in two organizations in different industries and the first octet subnet range. We compared the results of the similarity analysis between intra-organization and inter-organization calculations by dividing the address space into multiple blocks so that one organization conducts similarity analysis in an intra-organization manner. The results show that the similarity of the source hosts is lower in the inter-organization calculation than in the intra-organization calculation. In addition, we monitor more source hosts in inter-organization. Moreover, this work also reports that the results differ depending on the destination ports/protocols. From the results obtained, we clarified the effectiveness of distributing the monitoring points of the darknet across multiple organizations.

本文言語English
ホスト出版物のタイトルProceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021
出版社Institute of Electrical and Electronics Engineers Inc.
ページ346-351
ページ数6
ISBN(電子版)9781665428354
DOI
出版ステータスPublished - 2021
イベント9th International Symposium on Computing and Networking Workshops, CANDARW 2021 - Virtual, Online, Japan
継続期間: 2021 11月 232021 11月 26

出版物シリーズ

名前Proceedings - 2021 9th International Symposium on Computing and Networking Workshops, CANDARW 2021

Conference

Conference9th International Symposium on Computing and Networking Workshops, CANDARW 2021
国/地域Japan
CityVirtual, Online
Period21/11/2321/11/26

ASJC Scopus subject areas

  • 人工知能
  • コンピュータ ネットワークおよび通信
  • 情報システム
  • ソフトウェア

フィンガープリント

「Verification of the Effectiveness to Monitor Darknet across Multiple Organizations」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル