• Title/Summary/Keyword: Detecting black IPs

Search Result 1, Processing Time 0.013 seconds

A Study on Detecting Black IPs for Using Destination Ports of Darknet Traffic (다크넷 트래픽의 목적지 포트를 활용한 블랙 IP 탐지에 관한 연구)

  • Park, Jinhak;Kwon, Taewoong;Lee, Younsu;Choi, Sangsoo;Song, Jungsuk
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.27 no.4
    • /
    • pp.821-830
    • /
    • 2017
  • The internet is an important infra resource that it controls the economy and society of our country. Also, it is providing convenience and efficiency of the everyday life. But, a case of various are occurred through an using vulnerability of an internet infra resource. Recently various attacks of unknown to the user are an increasing trend. Also, currently system of security control is focussing on patterns for detecting attacks. However, internet threats are consistently increasing by intelligent and advanced various attacks. In recent, the darknet is received attention to research for detecting unknown attacks. Since the darknet means a set of unused IP addresses, no real systems connected to the darknet. In this paper, we proposed an algorithm for finding black IPs through collected the darknet traffic based on a statistics data of port information. The proposed method prepared 8,192 darknet space and collected the darknet traffic during 3 months. It collected total 827,254,121 during 3 months of 2016. Applied results of the proposed algorithm, black IPs are June 19, July 21, and August 17. In this paper, results by analysis identify to detect frequency of black IPs and find new black IPs of caused potential cyber threats.