ip reputation analysis of public databases and machine
play

IP Reputation Analysis of Public Databases and Machine Learning - PowerPoint PPT Presentation

Aug 20, 2022 •249 likes •440 views

IP Reputation Analysis of Public Databases and Machine Learning Techniques Jared Lee Lewis Geanina F. Tambaliuc Husnu S. Narman Wook-Sung Yoo Weisberg Division of Computer Science Marshall University narman@marshall.edu

  1. IP Reputation Analysis of Public Databases and Machine Learning Techniques Jared Lee Lewis Geanina F. Tambaliuc Husnu S. Narman Wook-Sung Yoo Weisberg Division of Computer Science Marshall University narman@marshall.edu https://hsnarman.github.io/ February 2020

  2. Outline • Introduction • Blacklists • Machine Learning Techniques • System Model • Results • Conclusion Husnu S. Narman

  3. Introduction Blacklist Introduction • The common usage of Internet adds many Learning challenges in terms of protecting user data. • Unfortunately, applications cannot protect the user privacy and become a threat to user data security Model because of new malware. • 4 new malware samples discovered / sec Results • More than 200 million new malware samples / year Conclusion Husnu S. Narman

  4. Conclusion Results Model Learning Blacklist Introduction Introduction Husnu S. Narman

  5. Introduction Blacklist Microsoft Exchange To prevent the users from spam and phishing email, Microsoft Exchange uses 8 filtering criteria: Learning • Connection Filtering • Sender Filtering • Recipient Filtering Model • Sender ID • Content Filtering • Sender Reputation Results • Attachment Filtering • Junk Email Filtering Conclusion Husnu S. Narman

  6. Introduction Blacklist The Importance of DNS The Domain Name System (DNS) plays an important role in filtering and protection techniques because DNS protocol is used by both cyber-attacks Learning and authorized services. Model Domain Name IP: 153.92.0.100 Results Conclusion Husnu S. Narman

  7. Introduction Blacklist Objective The objective of this research is to analyze the Learning public databases and machine learning techniques to detect malicious IP addresses Model and domains and introduce Automated IP Reputation Analyzer Tool (AIRPA), which uses both approaches to check the reputations of Results IPs and domains. Conclusion Husnu S. Narman

  8. Introduction Blacklist Public Blacklist Databases • Seven main databases: Learning • VirusTotal • URLVoid • MyIP.MS Model • Censys • AbuseIPDB • Apility.io Results • Shodan and 102 sub-databases. Conclusion Husnu S. Narman

  9. Introduction Blacklist Limitations of Public Blacklist Databases Unfortunately, the public blacklists have some limitations (Free Learning versions): • VirusTotal: 4 requests / minute • AbuseIPDB: 1,000 reports and checks per day and 60 requests per minute Model • Shodan: 1 request/ second • MyIP.MS: 150 requests/month Results • Apility.io: 250 requests/day and 50 requests/minute • Censys: 250 requests/month • May not regularly update Conclusion • Wrong information Husnu S. Narman

  10. Introduction Blacklist Machine Learning Models With 80,000 good and 80,000 bad domains Learning • Logistic Regression • Bayes Model • Random Forest Results • Logistic Regression with geolocation • Bayes with geolocation Conclusion • Random Forest with geolocation Husnu S. Narman

  11. Introduction Blacklist System Model and App: http://ipreputation.herokuapp.com/ Learning Model Results Conclusion Logistic Regression Husnu S. Narman

  12. Introduction Blacklist App: http://ipreputation.herokuapp.com/ Learning Model Results Conclusion Husnu S. Narman

  13. Introduction Blacklist App Fast Check: http://ipreputation.herokuapp.com/ Learning Model Results Conclusion Husnu S. Narman

  14. Introduction Blacklist Results Result for testing unsafe 1586 IPs in public databases and AIRPA Learning AIRPA has the highest correctness rate with cross Model check Results Conclusion Husnu S. Narman

  15. Introduction Blacklist Results Result for testing distinct learning techniques with/without geolocation Learning Logistic Regression with geolocation has the highest Model correctness. Random Forest without Results geolocation has the lowest correctness. Conclusion Husnu S. Narman

  16. Introduction Blacklist Results Result for Runtime of distinct learning techniques with / without geolocation. Learning Logistic Regression has the lowest running time. Model Random Forest Results with geolocation has the highest running time. Conclusion Husnu S. Narman

  17. Introduction Conclusion Blacklist Cross-checking system is better in terms of detection the malicious IPs in public databases but also decrease false positives. Learning Considering additional parameters with machine learning techniques to find IPs’ reputations can affect the obtained results in a better way but increase runtime Model Ability in public databases and Logical Regression in machine learning techniques have higher detection rates. Results Conclusion 17 Husnu S. Narman

  18. Thank You narman@marshall.edu https://hsnarman.github.io/ Husnu S. Narman

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

THE REPUTATION BOOSTING MACHINE By The HOTH This Is For YOU Local Business, Online

THE REPUTATION BOOSTING MACHINE By The HOTH This Is For YOU Local Business, Online

STARTING SHORTLY: THE REPUTATION BOOSTING MACHINE By The HOTH This Is For YOU Local Business, Online Business, Agency Youre looking to get more 5 star reviews - FAST You want to build a BULLETPROOF awesome reputation

1.7k views • 110 slides
Machine Learning: Der KDD-Prozess Knowledge Discovery in Databases Machine Learning Data-Mining

Machine Learning: Der KDD-Prozess Knowledge Discovery in Databases Machine Learning Data-Mining

Machine Learning: Der KDD-Prozess Knowledge Discovery in Databases Machine Learning Data-Mining Aufgaben Aufgabe Von Daten zum Wissen Wissensextraktion durch We are drowing in automatisches Erkennen von information,

1.01k views • 47 slides
Data as News: Journalists Experiences in Seeking and Using Databases of Public Records Ira

Data as News: Journalists Experiences in Seeking and Using Databases of Public Records Ira

Data as News: Journalists Experiences in Seeking and Using Databases of Public Records Ira Chinoy Philip Merrill College of Journalism University of Maryland How journalists use databases of public records The language of databases

1.18k views • 89 slides
Vodacom Sustainability Strategy 1 C2 General WHY Sustainability Building good reputation

Vodacom Sustainability Strategy 1 C2 General WHY Sustainability Building good reputation

Vodacom Sustainability Strategy 1 C2 General WHY Sustainability Building good reputation Increasing revenues Improved reputation and trust Opportunity for new products & (trusted by the public be known services (e.g. Thetha

328 views • 21 slides
The Limits of Reputation in Platform Markets: An Empirical Analysis and Field Experiment Chris

The Limits of Reputation in Platform Markets: An Empirical Analysis and Field Experiment Chris

The Limits of Reputation in Platform Markets: An Empirical Analysis and Field Experiment Chris Nosko Steve Tadelis University of Chicago UC Berkeley and NBER November 16, 2015 Nosko and Tadelis Limits of Reputation November 16, 2015 1 / 33

697 views • 42 slides
Reputation Systems Reputation systems: quantify the trust between different users. Application:

Reputation Systems Reputation systems: quantify the trust between different users. Application:

Formal Verification of e-Reputation Protocols 1 Ali Kassem 2 , Pascal Lafourcade 1 , Yassine Lakhnech 2 1 University dAuvergne, LIMOS 2 Universit Grenoble Alpes, CNRS, VERIMAG The 7th International Symposium on Foundations & Practice of

583 views • 33 slides
Reputation Network Analysis for Email Filtering Jennifer Golbeck, James Hendler Department of

Reputation Network Analysis for Email Filtering Jennifer Golbeck, James Hendler Department of

Reputation Network Analysis for Email Filtering Jennifer Golbeck, James Hendler Department of Computer Science University of Maryland, College Park MINDSWAP 1 The Popularity of Social Networking (i.e. I like Kevin Bacon, too!)

455 views • 17 slides
EconS 424- Strategy and Game Theory Reputation and Incomplete information in a public good project

EconS 424- Strategy and Game Theory Reputation and Incomplete information in a public good project

EconS 424- Strategy and Game Theory Reputation and Incomplete information in a public good project How to nd Semi-separating equilibria? April 14, 2014 1 A public good game Let us consider the following public good game, based on Watson

159 views • 11 slides
Creating Databases and Tables Introduction to Databases in Python Creating Databases

Creating Databases and Tables Introduction to Databases in Python Creating Databases

INTRODUCTION TO DATABASES IN PYTHON Creating Databases and Tables Introduction to Databases in Python Creating Databases Varies by the database type Databases like PostgreSQL and MySQL have command line tools to initialize

878 views • 31 slides
Online Reputation Security It takes 20 years to build a reputation and five minutes to ruin

Online Reputation Security It takes 20 years to build a reputation and five minutes to ruin

Online Reputation Security It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, youll do things differently Warren Buffett NASDAQ ABC Stock after Roseanne Barrs Tweet and Show

698 views • 51 slides
Reputation how can you have an impact? Stefaan Fiers, PhD Communications & Public Policy

Reputation how can you have an impact? Stefaan Fiers, PhD Communications & Public Policy

(C)St. Fiers - BeAPP presentation 2/3/2018 Reputation how can you have an impact? Stefaan Fiers, PhD Communications & Public Policy Director, pharma.be ste_fiers pharmabe While we are all patient centric 1 (C)St. Fiers - BeAPP

390 views • 11 slides
Aucklands DNA Rollout Process Place DNA Reputation Themes Final Reputation Framework

Aucklands DNA Rollout Process Place DNA Reputation Themes Final Reputation Framework

Aucklands DNA Rollout Process Place DNA Reputation Themes Final Reputation Framework Framework 3 Reputation Storybook Themes 1 Destination reputation 2 The power of stories 3 The importance of themes 4 Aucklands Place DNA

663 views • 64 slides
Reputation Management Destroy or Salvage Reputation? Through their actions following a crisis,

Reputation Management Destroy or Salvage Reputation? Through their actions following a crisis,

Reputation Management Destroy or Salvage Reputation? Through their actions following a crisis, brands decide if they destroy or salvage their reputations. And of course, their partners matter too specifically their PR firms. DO YOU DESERVE

475 views • 28 slides
Databases and PHP Accessing databases from PHP PHP & Databases l PHP can connect to

Databases and PHP Accessing databases from PHP PHP & Databases l PHP can connect to

Databases and PHP Accessing databases from PHP PHP & Databases l PHP can connect to virtually any database l There are specific functions built-into PHP to connect with some DB l There is also generic ODBC functions that will work with many

868 views • 28 slides
Living Up to Reputation: Cooperation in Public Good Experiments in Rural Kenyan Communities Olga

Living Up to Reputation: Cooperation in Public Good Experiments in Rural Kenyan Communities Olga

Living Up to Reputation: Cooperation in Public Good Experiments in Rural Kenyan Communities Olga Rostapshova NBER/Social Impact Inc. October 19, 2013 SPI Annual conference 2013 Motivation In developing countries, voluntary contributions

413 views • 30 slides
Schools & Reputation Management Overview Introductions The Importance of managing

Schools & Reputation Management Overview Introductions The Importance of managing

Schools & Reputation Management Overview Introductions The Importance of managing your schools reputation How can social media affect your schools reputation? The press Legal issues Case studies

321 views • 13 slides
Administrivia CS 188: Artificial Intelligence Reminder: Spring 2006 Drop-in Python/Unix

Administrivia CS 188: Artificial Intelligence Reminder: Spring 2006 Drop-in Python/Unix

Administrivia CS 188: Artificial Intelligence Reminder: Spring 2006 Drop-in Python/Unix lab Friday 1-4pm, 275 Soda Hall Optional, but recommended Accommodation issues Lecture 2: Agents 1/19/2006 Project 0 will be up by

288 views • 6 slides
Machine Learning Machine Learning: algorithms that use experience to improve their

Machine Learning Machine Learning: algorithms that use experience to improve their

Machine Learning Machine Learning: algorithms that use experience to improve their performance We use machine learning in situations where it is very challenging (or impossible) to define the rules by hand: e.g. face detection

1.04k views • 28 slides
CMPSC443 - Introduction to Computer and Network Security Module: EMail Secuirty Professor

CMPSC443 - Introduction to Computer and Network Security Module: EMail Secuirty Professor

429 views • 21 slides
20 years of Web search where to next? Mark Sanderson Who am I? Professor at RMIT

20 years of Web search where to next? Mark Sanderson Who am I? Professor at RMIT

20 years of Web search where to next? Mark Sanderson Who am I? Professor at RMIT University, Melbourne Before Professor at University of Sheffield Researcher at UMass Amherst Researcher at University of Glasgow Online

764 views • 42 slides
Lecture 4: Introduction to Classification for NLP Julia Hockenmaier juliahmr@illinois.edu 3324

Lecture 4: Introduction to Classification for NLP Julia Hockenmaier juliahmr@illinois.edu 3324

CS447: Natural Language Processing http://courses.engr.illinois.edu/cs447 Lecture 4: Introduction to Classification for NLP Julia Hockenmaier juliahmr@illinois.edu 3324 Siebel Center Lecture 04, Part 1: Review and Overview CS447 Natural

767 views • 55 slides
What is Green? What does it mean to be green? Why is being green important?

What is Green? What does it mean to be green? Why is being green important?

How to Green Your Office: Creating the Environmentally Friendly Office Presented by: Nat Hall What is Green? What does it mean to be green? Why is being green important? Who benefits? How Green is Your Office Now? Do

557 views • 7 slides
Natural language processing using constraint-based grammars Ann Copestake University of Cambridge

Natural language processing using constraint-based grammars Ann Copestake University of Cambridge

Natural language processing using constraint-based grammars Ann Copestake University of Cambridge Computer Laboratory Center for the Study of Language and Information, Stanford aac@cl.cam.ac.uk Overview of course NLP applications.

1.05k views • 86 slides
Introduction to Machine Learning Introduction to Machine Learning Introduction to Machine

Introduction to Machine Learning Introduction to Machine Learning Introduction to Machine

Introduction to Machine Learning Introduction to Machine Learning Introduction to Machine Learning Introduction to Machine Learning Introduction to Machine Learning Rob Schapire Princeton University www.cs.princeton.edu/ schapire Machine

1.26k views • 38 slides

More recommend