Tag Archives: algorithms

new software dnsanon_rssac

We have released version 1.3 of dnsanon_rssac on 2016-06-13, a tool that processes DNS data seen in packet captures (typcally pcap format) to generate RSSAC-002 statistics reports. Our tool is at https://ant.isi.edu/software/dnsanon_rssac/index.html, with a description at https://ant.isi.edu/software/dnsanon_rssac/README.html .  Our tool builds on … Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , | Leave a comment

new workshop paper “BotDigger: Detecting DGA Bots in a Single Network” in TMA 2016

The paper “BotDigger: Detecting DGA Bots in a Single Network” has appeared at the TMA Workshop on April 8, 2016 in Louvain La Neuve, Belgium (available at http://www.cs.colostate.edu/~hanzhang/papers/BotDigger-TMA16.pdf). The code of BotDigger is available on GitHub at: https://github.com/hanzhang0116/BotDigger From the abstract: To improve the … Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , | Leave a comment

new technical report “BotDigger: Detecting DGA Bots in a Single Network”

We have released a new technical report “BotDigger: Detecting DGA Bots in a Single Network”, CS-16-101, available at http://www.cs.colostate.edu/~hanzhang/papers/BotDigger-techReport.pdf The code of BotDigger is available on GitHub at: https://github.com/hanzhang0116/BotDigger From the abstract: To improve the resiliency of communication between bots and C&C … Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , | Leave a comment

new conference paper “Detecting Malicious Activity with DNS Backscatter”

The paper “Detecting Malicious Activity with DNS Backscatter” will appear at the ACM Internet Measurements Conference in October 2015 in Tokyo, Japan.  A copy is available at http://www.isi.edu/~johnh/PAPERS/Fukuda15a.pdf). From the abstract: Network-wide activity is when one computer (the originator) touches many … Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment

new conference paper “Trinocular: Understanding Internet Reliability Through Adaptive Probing” in SIGCOMM 2013

The paper “Trinocular: Understanding Internet Reliability Through Adaptive Probing” was accepted by SIGCOMM’13 in Hong Kong, China (available at http://www.isi.edu/~johnh/PAPERS/Quan13c with cite and pdf, or direct pdf). From the abstract: Natural and human factors cause Internet outages—from big events like Hurricane Sandy in … Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , | Leave a comment

New conference paper “Towards Geolocation of Millions of IP Addresses” at IMC 2012

The paper “Towards Geolocation of Millions of IP Addresses” was accepted by IMC 2012 in Boston, MA (available at http://www.isi.edu/~johnh/PAPERS/Hu12a.html). From the abstract: Previous measurement-based IP geolocation algorithms have focused on accuracy, studying a few targets with increasingly sophisticated algorithms taking … Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , | 1 Comment

new conference paper “Towards an AS-to-Organization Map” to appear at IMC

The paper “Towards an AS-to-Organization Map” was accepted by IMC’10 in Melbourne, Australia (available at http://www.isi.edu/~johnh/PAPERS/Cai10c.html). From the abstract: An understanding of Internet topology is central to answer various questions ranging from network resilience to peer selection or data center … Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , | Leave a comment