Abstract
Besides all the advantages and reliefs the Internet brought us over the years, there are also a lot of suspicious and malicious activities taking place. Attackers are constantly developing new techniques to compromise computer systems. Furthermore, there are many malicious servers on the Internet that host, for example, exploits, drive-by download toolkits, or malicious software. We want to track the network locations of these malicious servers by analyzing different kinds of blacklists that provide a listing of suspicious servers. In this article, we present the design and implementation of our blacklist parser system that tracks 49 different blacklists. We have collected more than 2.2 million distinct blacklist entries and more than 410,000 distinct URLs in the first 80 days of running the system. Besides discussing the design, we also provide an overview of the first empirical results of analyzing the collected data. In the future, we plan to extend the system such that it provides a comprehensive overview of malicious activities on the Internet.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: PIK - Praxis der Informationsverarbeitung und Kommunikation
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
