Reading the tea leaves: A comparative analysis of threat intelligence

VG Li, M Dunn, P Pearce, D McCoy… - 28th USENIX security …, 2019 - usenix.org
The term" threat intelligence" has swiftly become a staple buzzword in the computer security
industry. The entirely reasonable premise is that, by compiling up-to-date information about …

Delving into internet DDoS attacks by botnets: characterization and analysis

A Wang, W Chang, S Chen… - IEEE/ACM Transactions …, 2018 - ieeexplore.ieee.org
Internet distributed denial of service (DDoS) attacks are prevalent but hard to defend
against, partially due to the volatility of the attacking methods and patterns used by attackers …

Scanning the scanners: Sensing the internet from a massively distributed network telescope

P Richter, A Berger - Proceedings of the Internet Measurement …, 2019 - dl.acm.org
Scanning of hosts on the Internet to identify vulnerable devices and services is a key
component in many of today's cyberattacks. Tracking this scanning activity, in turn, provides …

Spoki: Unveiling a new wave of scanners through a reactive network telescope

R Hiesgen, M Nawrocki, A King, A Dainotti… - 31st USENIX Security …, 2022 - usenix.org
Large-scale Internet scans are a common method to identify victims of a specific attack.
Stateless scanning like in ZMap has been established as an efficient approach to probing at …

DarkVec: Automatic analysis of darknet traffic with word embeddings

L Gioacchini, L Vassio, M Mellia, I Drago… - Proceedings of the 17th …, 2021 - dl.acm.org
Darknets are passive probes listening to traffic reaching IP addresses that host no services.
Traffic reaching them is unsolicited by nature and often induced by scanners, malicious …

Advancing the art of internet edge outage detection

P Richter, R Padmanabhan, N Spring… - Proceedings of the …, 2018 - dl.acm.org
Measuring reliability of edge networks in the Internet is difficult due to the size and
heterogeneity of networks, the rarity of outages, and the difficulty of finding vantage points …

i-DarkVec: Incremental Embeddings for Darknet Traffic Analysis

L Gioacchini, L Vassio, M Mellia, I Drago… - ACM Transactions on …, 2023 - dl.acm.org
Darknets are probes listening to traffic reaching IP addresses that host no services. Traffic
reaching a darknet results from the actions of internet scanners, botnets, and possibly …

Detecting and interpreting changes in scanning behavior in large network telescopes

M Kallitsis, R Prajapati, V Honavar… - IEEE Transactions on …, 2022 - ieeexplore.ieee.org
Network telescopes or “Darknets” received unsolicited Internet-wide traffic, thus providing a
unique window into macroscopic Internet activities associated with malware propagation …

Ensemble Voting for Enhanced Robustness in DarkNet Traffic Detection

V Shinde, K Singhal, A Almogren, V Dhanawat… - IEEE …, 2024 - ieeexplore.ieee.org
The increasing prevalence of DarkNet traffic poses significant challenges for network
security. Despite improvements in machine learning techniques, most of the existing studies …

Chocolatine: Outage detection for internet background radiation

A Guillot, R Fontugne, P Winter… - 2019 Network Traffic …, 2019 - ieeexplore.ieee.org
The Internet is a complex ecosystem composed of thousands of Autonomous Systems (ASs)
operated by independent organizations; each AS having a very limited view outside its own …