Visible to the public Biblio

Filters: Author is Čejka, T.  [Clear All Filters]
2020-12-28
Hynek, K., Čejka, T., Žádník, M., Kubátová, H..  2020.  Evaluating Bad Hosts Using Adaptive Blacklist Filter. 2020 9th Mediterranean Conference on Embedded Computing (MECO). :1—5.

Publicly available blacklists are popular tools to capture and spread information about misbehaving entities on the Internet. In some cases, their straight-forward utilization leads to many false positives. In this work, we propose a system that combines blacklists with network flow data while introducing automated evaluation techniques to avoid reporting unreliable alerts. The core of the system is formed by an Adaptive Filter together with an Evaluator module. The assessment of the system was performed on data obtained from a national backbone network. The results show the contribution of such a system to the reduction of unreliable alerts.