Internet Bad Neighborhoods

Don’t venture too far on the internet: bad neighborhoods were located! Internet bad neighborhoods are those geographical areas where the majority of spam and phishing mails originate from. Interestingly, some regions specialize in spam, while others focus on phishing for your bank account.

Having successfully defended his dissertation at the University of Twente (the Netherlands), Giovane Moura now attracts huge crowds of attention with his research. First his research was discussed on slashdot (link), next on BBC news (link).

From the press release:

Of the 42,000 Internet Service Providers (ISPs) surveyed, just 20 were found to be responsible for nearly half of all the internet addresses that send spam. That just is one of the striking results of an extensive study by the University of Twente’s Centre for Telematics and Information Technology (CTIT). This study focused on “Bad Neighbourhoods” on the internet (which sometimes correspond to certain geographical areas) that are the source of a great deal of spam, phishing or other undesirable activity. In his thesis, Giovane Moura describes this situation in detail.

The results have practical implications. BBC writes:

The large-scale study was carried out to help fine-tune computer security tools that scrutinise the net addresses of email and other messages to help them work out if they are junk or legitimate. Such tools could make better choices if they were armed with historical information about the types of traffic that emerge from particular networks.

Giovane C. M. Moura, Anna Sperotto, Ramin Sadre, & Aiko Pras (2013). Evaluating Third-Party Bad Neighborhood Blacklists for Spam Detection IFIP/IEEE International Symposium on Integrated Network Management

Leave a Reply