Plataformas De Compartición De Incidentes De Ciberseguridad

FINAL DEGREE PROJECT

Plataformas de Compartición de Incidentes de Ciberseguridad (Cybersecurity Incident Sharing Platforms)

Studies: Telecommunications Engineering
Author: Jenifer Jiménez Gallardo
Director: Manel Medina
Year: 2016

Table of Contents

1. Acknowledgements
2. Summary
    2.1 Resum del Projecte (Project Summary, Catalan)
    2.2 Resumen del Proyecto (Project Summary, Spanish)
    2.3 Abstract
3. Introduction
    3.1 Background
    3.2 Objectives
    3.3 Thesis Structure
4. Methodology Used
    4.1 Cyber Threat Sources Research
    4.2 Cyber Threat Sources Selection
    4.3 Quality Assessment Methodology for Data Sources
        4.3.1 Coverage
        4.3.2 Data Frequency
        4.3.3 Accuracy of Results
    4.4 Data Quality assessment formula
5. Inventory and Description of Identified Sources
    5.1 Abuse.ch
    5.2 AlienVault Open Threat Exchange
    5.3 ATLAS
    5.4 Anti Phishing Working Group
    5.5 Autoshun
    5.6 Blocklist
    5.7 BotScout
    5.8 BruteForceBlocker
    5.9 CI Army
    5.10 Cisco IronPort SenderBase
    5.11 Clean MX
    5.12 Composite Blocking List
    5.13 CyberCrime Tracker
    5.14 DNS-BH Malware Domain Blocklist
    5.15 Dr Web
    5.16 Dragon Research Group
    5.17 Dshield
    5.18 Emerging Threats
    5.19 hpHosts
    5.20 ImproWare AG
    5.21 Kaspersky
    5.22 Malc0de
    5.23 Malware Domain List
    5.24 NoThink!
    5.25 PhisTank
    5.26 Project Honey Pot
    5.27 Shadowserver
    5.28 Spamhaus
    5.29 Team Cymru
    5.30 Zone H
6. Information Sources Analysis
    6.1 Summary of the evaluations
    6.2 Data Uniqueness
        6.2.1 Phishing
        6.2.2 Malware
        6.2.3 Spam
    6.3 Timeliness
        6.3.1 Phishing
        6.3.2 Malware
        6.3.3 Spam
7. Conclusions
8. Annex I: Abbreviations
9. Bibliography

List of Figures

Figure 1: Abuse.ch geographical distribution
Figure 2: AlienVault geographical distribution
Figure 3: ATLAS geographical distribution
Figure 4: ATLAS Intelligence Feed
Figure 5: APWG geographical distribution
Figure 6: Autoshun geographical distribution
Figure 7: Blocklist geographical distribution
Figure 8: BotScout geographical distribution
Figure 9: BruteForceBlocker geographical distribution
Figure 10: CI Army geographical distribution
Figure 11: Cisco IronPort SenderBase geographical distribution
Figure 12: Clean MX geographical distribution
Figure 13: Composite Blocking List geographical distribution
