Article thumbnail

Tracking dynamic sources of malicious activity at internet-scale

By Shoba Venkataraman, Avrim Blum, Dawn Song, Subhabrata Sen and Oliver Spatscheck

Abstract

We formulate and address the problem of discovering dynamic malicious regions on the Internet. We model this problem as one of adaptively pruning a known decision tree, but with additional challenges: (1) severe space requirements, since the underlying decision tree has over 4 billion leaves, and (2) a changing target function, since malicious activity on the Internet is dynamic. We present a novel algorithm that addresses this problem, by putting together a number of different “experts ” algorithms and online paging algorithms. We prove guarantees on our algorithm’s performance as a function of the best possible pruning of a similar size, and our experiments show that our algorithm achieves high accuracy on large real-world data sets, with significant improvements over existing approaches.

Year: 2009
OAI identifier: oai:CiteSeerX.psu:10.1.1.1014.9853
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://repository.cmu.edu/cgi/... (external link)
  • http://repository.cmu.edu/cgi/... (external link)
  • http://citeseerx.ist.psu.edu/v... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.