Skip to main content
USENIX
  • Conferences
  • Students
Sign in
  • Home
  • Attend
    • Registration Information
    • Registration Discounts
    • Venue, Hotel, and Travel
    • Co-located Workshops
  • Program
    • Workshop Program
  • Participate
    • Instructions for Participants
    • Call for Papers
  • Sponsorship
  • About
    • Workshop Organizers
    • Services
    • Questions
    • Help Promote!
    • Past Workshops
  • Home
  • Attend
  • Program
  • Participate
    • Instructions for Participants
    • Call for Papers
  • Sponsorship
  • About
    • Workshop Organizers
    • Services
    • Questions
    • Help Promote!
    • Past Workshops

sponsors

Media Sponsor

help promote

CSET '16 button

connect with us


  •  Twitter
  •  Facebook
  •  LinkedIn
  •  Google+
  •  YouTube

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home » Developing Security Reputation Metrics for Hosting Providers
Tweet

connect with us

Developing Security Reputation Metrics for Hosting Providers

Authors: 

Arman Noroozian, Maciej Korczynski, Samaneh Tajalizadehkhoob, and Michel van Eeten, Delft University of Technology

Abstract: 

Research into cybercrime often points to concentrations of abuse at certain hosting providers. The implication is that these providers are worse in terms of security; some are considered ‘bad’ or even ‘bullet proof’.

Remarkably little work exists on systematically comparing the security performance of providers. Existing metrics typically count instances of abuse and sometimes normalize these counts by taking into account the advertised address space of the provider. None of these attempts have worked through the serious methodological challenges that plague metric design.

In this paper we present a systematic approach for metrics development and identify the main challenges: (i) identification of providers, (ii) abuse data coverage and quality, (iii) normalization, (iv) aggregation and (v) metric interpretation. We describe a pragmatic approach to deal with these challenges. In the process, we answer an urgent question posed to us by the Dutch police: ‘which are the worst providers in our jurisdiction?’. Notwithstanding their limitations, there is a clear need for security metrics for hosting providers in the fight against cybercrime.

Arman Noroozian, Delft University of Technology

Maciej Korczynski, Delft University of Technology

Samaneh Tajalizadehkhoob, Delft University of Technology

Michel van Eeten, Delft University of Technology

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {191663,
author = {Arman Noroozian and Maciej Korczynski and Samaneh Tajalizadehkhoob and Michel van Eeten},
title = {Developing Security Reputation Metrics for Hosting Providers},
booktitle = {8th Workshop on Cyber Security Experimentation and Test ({CSET} 15)},
year = {2015},
address = {Washington, D.C.},
url = {https://www.usenix.org/conference/cset15/workshop-program/presentation/noroozian},
publisher = {{USENIX} Association},
month = aug,
}
Download
Noroozian PDF
View the slides
  • Log in or    Register to post comments

Media Sponsors & Industry Partners

© USENIX

  • Privacy Policy
  • Conference Policies
  • Contact Us